An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation.

...

SUSE CVE-2023-38802

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...

CVE-2023-41909

CVE-2023-41909 affects FRRouting FRR instances with the BGP flowspec feature. The flaw is a NULL pointer dereference in bgpd/bgp_flowspec.c when processing malformed requests with no attributes, potentially enabling a crash or denial of service under certain BGP flowspec conditions (reported for ...

CVE-2023-41909

An issue was discovered in FRRouting FRR through 9.0. bgpnlriparseflowspec in bgpd/bgpflowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference...

CVE-2023-41909

An issue was discovered in FRRouting FRR through 9.0. bgpnlriparseflowspec in bgpd/bgpflowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference...

PT-2023-9205 · Frrouting +9 · Frrouting +9

Name of the Vulnerable Software and Affected Versions: FRRouting versions through 9.0 Description: The issue is related to the processing of malformed requests without attributes in the bgpd/bgp flowspec.c file of FRRouting, a software for implementing network routing on Unix-like systems. This c...

CVE-2023-41361

A vulnerability was found in FRRouting stemming from a boundary error in bgpd/bgpopen.c. The issue arises because it fails to check for an excessively large length of the received software version rcv. This flaw allows a remote attacker to overflow a buffer by sending specially crafted data to th...

CVE-2023-41360

An out-of-bounds read flaw was found in FRRouting in bgpd/bgppacket.c, resulting from a boundary condition. This flaw allows a remote attacker, through specially crafted input, to read the initial byte of the ORF header in an ahead-of-stream scenario. This attacker can gain information and...

CVE-2023-41359

A flaw was found in FRRouting that involves a heap-based buffer overflow in the bgpattraigpvalid function within bgpd/bgpattr.c. This flaw allows a remote attacker to send specially crafted data to the application, initiating an out-of-bounds read error and executing a denial of service DoS attac...

CVE-2023-41358

A flaw was found in FRRouting, where it is susceptible to a denial of service vulnerability triggered by a NULL pointer dereference issue during the processing of Network Layer Reachability Information NLRIs with a zero attribute length. The vulnerability arises from inadequate validation of...

CVE-2023-38802

A vulnerability was found in FRRouting FRR. This flaw allows a remote attacker to cause a denial of service issue via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...

USN-6323-1: FRR vulnerability

Ben Cartwright-Cox discovered that FRR did not handle RFC 7606 attributes properly. A remote attacker could possibly use this to cause denial of service...

SUSE CVE-2023-41360

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c can read the initial byte of the ORF header in an ahead-of-stream situation...

SUSE CVE-2023-41359

An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgpattraigpvalid in bgpd/bgpattr.c because there is no check for the availability of two bytes during AIGP validation...

SUSE CVE-2023-41361

An issue was discovered in FRRouting FRR 9.0. bgpd/bgpopen.c does not check for an overly large length of the rcv software version...

CVE-2023-38802

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...

CVE-2023-38802

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...

CVE-2023-38802

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...

AZL-28614 CVE-2023-38802 affecting package frr for versions less than 8.5.3-2

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...

Code injection

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...