Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-38802HistoryAug 29, 2023 - 4:15 p.m.
CVE-2023-38802
2023-08-2916:15:09
Debian Security Bug Tracker
security-tracker.debian.org
14
frrouting
frr 7.5.1
frr 9.0
pica8 picos 4.3.3.2
denial of service
bgp
tunnel encapsulation
remote
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.003
Percentile
72.0%
FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | frr | < 8.4.4-1.1~deb12u1 | frr_8.4.4-1.1~deb12u1_all.deb |
| Debian | 11 | all | frr | < 7.5.1-1.1+deb11u2 | frr_7.5.1-1.1+deb11u2_all.deb |
| Debian | 999 | all | frr | < 8.4.4-1.1 | frr_8.4.4-1.1_all.deb |
| Debian | 13 | all | frr | < 8.4.4-1.1 | frr_8.4.4-1.1_all.deb |
Related
almalinux
almalinux
Important: frr security and bug fix update
2023-09-19 00:00:00
Important: frr security update
2023-09-18 00:00:00
nessus
nessus
RHEL 8 : frr (RHSA-2023:5196)
2023-09-18 00:00:00
RHEL 8 : frr (RHSA-2023:5219)
2023-09-19 00:00:00
AlmaLinux 9 : frr (ALSA-2023:5194)
2023-09-22 00:00:00
redhat
redhat
(RHSA-2023:5457) Important: frr security update
2023-10-05 10:09:59
(RHSA-2023:5194) Important: frr security update
2023-09-18 12:54:38
(RHSA-2023:5464) Important: frr security update
2023-10-05 10:16:58
redhatcve
redhatcve
CVE-2023-38802
2023-08-31 10:44:03
cbl_mariner
cbl_mariner
CVE-2023-38802 affecting package frr for versions less than 8.5.3-2
2023-09-27 18:02:50
osv
osv
Important: frr security and bug fix update
2023-09-19 00:00:00
Important: frr security update
2023-09-18 00:00:00
CVE-2023-38802
2023-08-29 16:15:09
prion
prion
Code injection
2023-08-29 16:15:00
oraclelinux
oraclelinux
frr security update
2023-09-19 00:00:00
frr security and bug fix update
2023-09-20 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-09-11 16:38:28
cvelist
cvelist
CVE-2023-38802
2023-08-29 00:00:00
cve
cve
CVE-2023-38802
2023-08-29 16:15:09
nvd
nvd
CVE-2023-38802
2023-08-29 16:15:09
ubuntucve
ubuntucve
CVE-2023-38802
2023-08-28 00:00:00
paloalto
paloalto
PAN-OS: Denial-of-Service (DoS) Vulnerability in BGP Software
2023-09-13 16:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:3836-1)
2023-09-28 00:00:00
openSUSE: Security Advisory for quagga (SUSE-SU-2023:3839-1)
2024-03-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:3793-1)
2023-09-27 00:00:00
ics
ics
Siemens RUGGEDCOM APE1808
2024-04-11 12:00:00
cert
cert
fedora
fedora
[SECURITY] Fedora 39 Update: frr-8.5.3-1.fc39
2023-11-15 01:43:47
[SECURITY] Fedora 37 Update: frr-8.5.3-1.fc37
2023-11-15 02:01:52
[SECURITY] Fedora 38 Update: frr-8.5.3-1.fc38
2023-11-15 02:16:16
redos
redos
ROS-20240403-09
2024-04-03 00:00:00
debian
debian
[SECURITY] [DSA 5495-1] frr security update
2023-09-11 07:14:35
[SECURITY] [DLA 3573-1] frr security update
2023-09-19 19:41:22
thn
thn
ubuntu
ubuntu
FRR vulnerabilities
2024-06-05 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.003
Percentile
72.0%
Related for DEBIANCVE:CVE-2023-38802