{
  "document": {
    "aggregate_severity": {
      "text": "Medium"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "TuxCare License Agreement",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://tuxcare.com/contact/",
      "name": "TuxCare",
      "namespace": "https://tuxcare.com/"
    },
    "references": [
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.tuxcare.com/csaf/v2/els_os/almalinux9.2esu/vex/2022/cve-2022-43681-els_os-almalinux9_2esu.json"
      }
    ],
    "title": "Security update on CVE-2022-43681",
    "tracking": {
      "current_release_date": "2026-01-19T22:22:34Z",
      "generator": {
        "date": "2026-01-19T22:22:34Z",
        "engine": {
          "name": "pyCSAF"
        }
      },
      "id": "CVE-2022-43681-ELS_OS-ALMALINUX9.2ESU",
      "initial_release_date": "2022-01-01T00:00:00Z",
      "revision_history": [
        {
          "date": "2022-01-01T00:00:00Z",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-11-29T10:41:09Z",
          "number": "2",
          "summary": "Official Publication"
        },
        {
          "date": "2025-12-23T19:08:30Z",
          "number": "3",
          "summary": "Update document"
        },
        {
          "date": "2026-01-19T22:22:34Z",
          "number": "4",
          "summary": "Update document"
        }
      ],
      "status": "final",
      "version": "4"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "AlmaLinux 9.2",
                "product": {
                  "name": "AlmaLinux 9.2",
                  "product_id": "AlmaLinux-9.2",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:o:almalinux:almalinux:9.2:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "AlmaLinux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "frr-0:8.3.1-5.el9.2.alma.x86_64",
                "product": {
                  "name": "frr-0:8.3.1-5.el9.2.alma.x86_64",
                  "product_id": "frr-0:8.3.1-5.el9.2.alma.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/almalinux/frr@8.3.1-5.el9.2.alma?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "frr-selinux-0:8.3.1-5.el9.2.alma.noarch",
                "product": {
                  "name": "frr-selinux-0:8.3.1-5.el9.2.alma.noarch",
                  "product_id": "frr-selinux-0:8.3.1-5.el9.2.alma.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/almalinux/frr-selinux@8.3.1-5.el9.2.alma?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "AlmaLinux OS Foundation"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "frr-0:8.3.1-5.el9.2.alma.tuxcare.els1.x86_64",
                "product": {
                  "name": "frr-0:8.3.1-5.el9.2.alma.tuxcare.els1.x86_64",
                  "product_id": "frr-0:8.3.1-5.el9.2.alma.tuxcare.els1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/tuxcare/frr@8.3.1-5.el9.2.alma.tuxcare.els1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "frr-0:8.3.1-5.el9.2.alma.tuxcare.els3.x86_64",
                "product": {
                  "name": "frr-0:8.3.1-5.el9.2.alma.tuxcare.els3.x86_64",
                  "product_id": "frr-0:8.3.1-5.el9.2.alma.tuxcare.els3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/tuxcare/frr@8.3.1-5.el9.2.alma.tuxcare.els3?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "frr-0:8.3.1-5.el9.2.alma.tuxcare.els2.x86_64",
                "product": {
                  "name": "frr-0:8.3.1-5.el9.2.alma.tuxcare.els2.x86_64",
                  "product_id": "frr-0:8.3.1-5.el9.2.alma.tuxcare.els2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/tuxcare/frr@8.3.1-5.el9.2.alma.tuxcare.els2?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els1.noarch",
                "product": {
                  "name": "frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els1.noarch",
                  "product_id": "frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/tuxcare/frr-selinux@8.3.1-5.el9.2.alma.tuxcare.els1?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els3.noarch",
                "product": {
                  "name": "frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els3.noarch",
                  "product_id": "frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/tuxcare/frr-selinux@8.3.1-5.el9.2.alma.tuxcare.els3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els2.noarch",
                "product": {
                  "name": "frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els2.noarch",
                  "product_id": "frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els2.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/tuxcare/frr-selinux@8.3.1-5.el9.2.alma.tuxcare.els2?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "TuxCare"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "frr-0:8.3.1-5.el9.2.alma.tuxcare.els1.x86_64 as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:frr-0:8.3.1-5.el9.2.alma.tuxcare.els1.x86_64"
        },
        "product_reference": "frr-0:8.3.1-5.el9.2.alma.tuxcare.els1.x86_64",
        "relates_to_product_reference": "AlmaLinux-9.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "frr-0:8.3.1-5.el9.2.alma.x86_64 as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:frr-0:8.3.1-5.el9.2.alma.x86_64"
        },
        "product_reference": "frr-0:8.3.1-5.el9.2.alma.x86_64",
        "relates_to_product_reference": "AlmaLinux-9.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "frr-0:8.3.1-5.el9.2.alma.tuxcare.els3.x86_64 as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:frr-0:8.3.1-5.el9.2.alma.tuxcare.els3.x86_64"
        },
        "product_reference": "frr-0:8.3.1-5.el9.2.alma.tuxcare.els3.x86_64",
        "relates_to_product_reference": "AlmaLinux-9.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "frr-0:8.3.1-5.el9.2.alma.tuxcare.els2.x86_64 as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:frr-0:8.3.1-5.el9.2.alma.tuxcare.els2.x86_64"
        },
        "product_reference": "frr-0:8.3.1-5.el9.2.alma.tuxcare.els2.x86_64",
        "relates_to_product_reference": "AlmaLinux-9.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els1.noarch as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els1.noarch"
        },
        "product_reference": "frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els1.noarch",
        "relates_to_product_reference": "AlmaLinux-9.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "frr-selinux-0:8.3.1-5.el9.2.alma.noarch as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:frr-selinux-0:8.3.1-5.el9.2.alma.noarch"
        },
        "product_reference": "frr-selinux-0:8.3.1-5.el9.2.alma.noarch",
        "relates_to_product_reference": "AlmaLinux-9.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els3.noarch as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els3.noarch"
        },
        "product_reference": "frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els3.noarch",
        "relates_to_product_reference": "AlmaLinux-9.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els2.noarch as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els2.noarch"
        },
        "product_reference": "frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els2.noarch",
        "relates_to_product_reference": "AlmaLinux-9.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-43681",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "description",
          "text": "An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet (or the option length word, in case of an extended OPEN message), the FRR code reads out of the bounds of the packet, throwing a SIGABRT signal and exiting. This results in a bgpd daemon restart, causing a Denial-of-Service condition.",
          "title": "Vulnerability description"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "known_affected": [
          "AlmaLinux-9.2:frr-0:8.3.1-5.el9.2.alma.tuxcare.els1.x86_64",
          "AlmaLinux-9.2:frr-0:8.3.1-5.el9.2.alma.tuxcare.els2.x86_64",
          "AlmaLinux-9.2:frr-0:8.3.1-5.el9.2.alma.tuxcare.els3.x86_64",
          "AlmaLinux-9.2:frr-0:8.3.1-5.el9.2.alma.x86_64",
          "AlmaLinux-9.2:frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els1.noarch",
          "AlmaLinux-9.2:frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els2.noarch",
          "AlmaLinux-9.2:frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els3.noarch",
          "AlmaLinux-9.2:frr-selinux-0:8.3.1-5.el9.2.alma.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://cve.tuxcare.com/els/cve/CVE-2022-43681"
        },
        {
          "category": "external",
          "summary": "https://forescout.com",
          "url": "https://forescout.com/"
        },
        {
          "category": "external",
          "summary": "https://lists.debian.org/debian-lts-announce/2023/09/msg00020.html",
          "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00020.html"
        },
        {
          "category": "external",
          "summary": "https://www.debian.org/security/2023/dsa-5495",
          "url": "https://www.debian.org/security/2023/dsa-5495"
        }
      ],
      "release_date": "2023-05-03T12:16:00Z",
      "remediations": [
        {
          "category": "no_fix_planned",
          "details": "This issue is a denial‑of‑service bug in FRRouting’s bgpd that triggers only during BGP session establishment when a specially crafted OPEN message is received, causing a crash and automatic restart without any confidentiality or integrity impact. It is reachable only on hosts that actually run FRR’s BGP daemon and have TCP/179 exposed to receive new BGP peer connections; systems not providing BGP routing or where peering is restricted are not exposed. Given the availability‑only impact and the requirement to directly target a BGP‑listening service, this can be safely deprioritized relative to vulnerabilities that enable data access or code execution. Because no fix is planned for the listed packages, hosts that do run bgpd remain affected; on those hosts, restricting TCP/179 to expected peers and alerting on unexpected bgpd restarts are the relevant compensating controls.",
          "product_ids": [
            "AlmaLinux-9.2:frr-0:8.3.1-5.el9.2.alma.tuxcare.els1.x86_64",
            "AlmaLinux-9.2:frr-0:8.3.1-5.el9.2.alma.tuxcare.els2.x86_64",
            "AlmaLinux-9.2:frr-0:8.3.1-5.el9.2.alma.tuxcare.els3.x86_64",
            "AlmaLinux-9.2:frr-0:8.3.1-5.el9.2.alma.x86_64",
            "AlmaLinux-9.2:frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els1.noarch",
            "AlmaLinux-9.2:frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els2.noarch",
            "AlmaLinux-9.2:frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els3.noarch",
            "AlmaLinux-9.2:frr-selinux-0:8.3.1-5.el9.2.alma.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AlmaLinux-9.2:frr-0:8.3.1-5.el9.2.alma.tuxcare.els1.x86_64",
            "AlmaLinux-9.2:frr-0:8.3.1-5.el9.2.alma.tuxcare.els2.x86_64",
            "AlmaLinux-9.2:frr-0:8.3.1-5.el9.2.alma.tuxcare.els3.x86_64",
            "AlmaLinux-9.2:frr-0:8.3.1-5.el9.2.alma.x86_64",
            "AlmaLinux-9.2:frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els1.noarch",
            "AlmaLinux-9.2:frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els2.noarch",
            "AlmaLinux-9.2:frr-selinux-0:8.3.1-5.el9.2.alma.tuxcare.els3.noarch",
            "AlmaLinux-9.2:frr-selinux-0:8.3.1-5.el9.2.alma.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ]
    }
  ]
}