AT&T has released versions 1801-zb for the Vyatta 5600.
Details of these releases can be found at https://cloud.ibm.com/docs/infrastructure/virtual-router-appliance?topic=virtual-router-appliance-at-t-vyatta-5600-vrouter-software-patches#at-t-vyatta-5600-vrouter-software-patches
CVEID: CVE-2013-5211 DESCRIPTION: NTP is vulnerable to a denial of service, caused by an error in the monlist feature in ntp_request.c. By sending a sending specially-crafted REQ_MON_GETLIST or REQ_MON_GETLIST_1 request, an attacker could exploit this vulnerability to consume available CPU resources and cause the server to crash.
CVSS Base Score: 5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/90143> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVEID: CVE-2019-13272 DESCRIPTION: Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by improper permission validation and improper object lifetime handling for PTRACE_TRACEME in the ptrace_link function. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain root privileges on the system.
CVSS Base Score: 7.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/163733> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
VRA - Vyatta 5600
Please contact IBM Cloud Support to request that the ISO for the 1801-za be pushed to your Vyatta system. Users will need to apply the upgraded code according to their defined processes (for example during a defined maintenance window).