Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-41358HistoryAug 29, 2023 - 4:15 a.m.
CVE-2023-41358
2023-08-2904:15:16
Debian Security Bug Tracker
security-tracker.debian.org
7
frrouting
bgpd
bgp_packet.c
cve-2023-41358
nlris
attribute length
zero
unix
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
32.0%
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | frr | < 8.4.4-1.1~deb12u1 | frr_8.4.4-1.1~deb12u1_all.deb |
| Debian | 11 | all | frr | < 7.5.1-1.1+deb11u2 | frr_7.5.1-1.1+deb11u2_all.deb |
| Debian | 10 | all | frr | < 7.5.1-1.1+deb10u1 | frr_7.5.1-1.1+deb10u1_all.deb |
| Debian | 999 | all | frr | < 8.4.4-1.1 | frr_8.4.4-1.1_all.deb |
| Debian | 13 | all | frr | < 8.4.4-1.1 | frr_8.4.4-1.1_all.deb |
Related
cve
cve
CVE-2023-41358
2023-08-29 04:15:16
cvelist
cvelist
CVE-2023-41358
2023-08-29 00:00:00
nessus
nessus
CBL Mariner 2.0 Security Update: frr (CVE-2023-41358)
2023-09-28 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : quagga (SUSE-SU-2023:3839-1)
2023-09-28 00:00:00
SUSE SLES15 Security Update : quagga (SUSE-SU-2023:3836-1)
2023-09-28 00:00:00
ubuntucve
ubuntucve
CVE-2023-41358
2023-08-29 00:00:00
prion
prion
Design/Logic Flaw
2023-08-29 04:15:00
veracode
veracode
Denial Of Service (DoS)
2023-08-31 03:48:28
redhatcve
redhatcve
CVE-2023-41358
2023-08-31 11:12:25
cbl_mariner
cbl_mariner
CVE-2023-41358 affecting package frr for versions less than 8.5.3-2
2023-09-27 18:02:50
nvd
nvd
CVE-2023-41358
2023-08-29 04:15:16
osv
osv
CVE-2023-41358
2023-08-29 04:15:16
quagga vulnerabilities
2023-10-17 10:25:58
frr vulnerabilities
2023-10-18 04:43:51
ubuntu
ubuntu
Quagga vulnerabilities
2023-10-17 00:00:00
FRR vulnerabilities
2023-10-18 00:00:00
openvas
openvas
openSUSE: Security Advisory for quagga (SUSE-SU-2023:3839-1)
2024-03-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:3836-1)
2023-09-28 00:00:00
Ubuntu: Security Advisory (USN-6432-1)
2023-10-18 00:00:00
cloudlinux
cloudlinux
quagga: Fix of 2 CVEs
2023-10-20 15:53:24
almalinux
almalinux
Moderate: frr security update
2024-05-22 00:00:00
Moderate: frr security update
2024-04-30 00:00:00
oraclelinux
oraclelinux
frr security update
2024-05-23 00:00:00
frr security update
2024-05-02 00:00:00
redhat
redhat
(RHSA-2024:2981) Moderate: frr security update
2024-05-22 06:35:15
(RHSA-2024:2156) Moderate: frr security update
2024-04-30 06:14:53
fedora
fedora
[SECURITY] Fedora 37 Update: frr-8.5.3-1.fc37
2023-11-15 02:01:52
[SECURITY] Fedora 39 Update: frr-8.5.3-1.fc39
2023-11-15 01:43:47
[SECURITY] Fedora 38 Update: frr-8.5.3-1.fc38
2023-11-15 02:16:16
redos
redos
ROS-20240403-09
2024-04-03 00:00:00
debian
debian
[SECURITY] [DSA 5495-1] frr security update
2023-09-11 07:14:35
[SECURITY] [DLA 3573-1] frr security update
2023-09-19 19:41:22
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
32.0%
Related for DEBIANCVE:CVE-2023-41358