[CLSA-2026:1781626852] frr: Fix of CVE-2026-37457
Type:
security
Severity:
Important
Release date:
2026-06-16 16:21:06 UTC
Description:
- CVE-2026-37457: fix off-by-one out-of-bounds write in BGP FlowSpec operator-array bounds check (bgp_flowspec_op_decode and bgp_flowspec_bitmask_decode)
CVEs fixed:
Updated packages:
  • frr-8.5.3-9.el9_6.1.tuxcare.els1.x86_64.rpm
    sha:dced9300fccb10f7720b38e59f40565536ac02e8b2bec9a12a1f1592cd28bd7c
  • frr-selinux-8.5.3-9.el9_6.1.tuxcare.els1.noarch.rpm
    sha:a21cb898c2aae2c98412d49df30084136b954e32ca1819a5e5ac39b8c531513c
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.