An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation. https://github.com/FRRouting/frr/pull/14245
Created frr tracking bugs for this issue: Affects: fedora-all [bug 2236470]
Fixed in F37, F38 and F40: F37: https://koji.fedoraproject.org/koji/buildinfo?buildID=2304627 F38: https://koji.fedoraproject.org/koji/buildinfo?buildID=2304626 F40: https://koji.fedoraproject.org/koji/buildinfo?buildID=2307311 F39 is stuck on a build error from gcc but the update that fixes the issue is currently stuck in final freeze for updates. Keeping this bug opened for a little bit and wait for the gcc update to go out.
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:2156 https://access.redhat.com/errata/RHSA-2024:2156