Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-38283HistoryAug 29, 2023 - 4:15 p.m.
CVE-2023-38283
2023-08-2916:15:08
Debian Security Bug Tracker
security-tracker.debian.org
19
openbgpd
vulnerability
remote actor
bgp update
session reset
openbsd 7.3 errata
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
36.9%
In OpenBGPD before 8.1, incorrect handling of BGP update data (length of path attributes) set by a potentially distant remote actor may cause the system to incorrectly reset a session. This is fixed in OpenBSD 7.3 errata 006.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | openbgpd | <= 7.7-2 | openbgpd_7.7-2_all.deb |
| Debian | 999 | all | openbgpd | < 8.1-1 | openbgpd_8.1-1_all.deb |
| Debian | 13 | all | openbgpd | < 8.1-1 | openbgpd_8.1-1_all.deb |
Related
cve
cve
CVE-2023-38283
2023-08-29 16:15:08
prion
prion
Design/Logic Flaw
2023-08-29 16:15:00
osv
osv
CVE-2023-38283
2023-08-29 16:15:08
cvelist
cvelist
CVE-2023-38283
2023-08-29 00:00:00
ubuntucve
ubuntucve
CVE-2023-38283
2023-08-29 00:00:00
cnvd
cnvd
OpenBSD Code Issues Vulnerabilities
2023-08-31 00:00:00
nvd
nvd
CVE-2023-38283
2023-08-29 16:15:08
cert
cert
thn
thn
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
36.9%
Related for DEBIANCVE:CVE-2023-38283