838 matches found
Design/Logic Flaw
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero...
Design/Logic Flaw
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation...
CVE-2023-41361
An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version...
UBUNTU-CVE-2023-41360
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation...
CVE-2023-41360
CVE-2023-41360 – FRRouting FRR ahead-of-stream read of ORF header. The connected Nessus advisory for MiracleLinux 9 (FRR 8.x line) documents an issue in bgpd/bgp_packet.c where the initial byte of the ORF header can be read in an ahead-of-stream situation, affecting FRR releases up to 9.0. The C...
FRRouting FRR Buffer Error Vulnerability
FRRouting FRR is a suite of software that implements and manages various IPv4 and IPv6 routing protocols. A security vulnerability exists in FRRouting FRR version 9.0 and prior versions, which stems from a failure to check the availability of two bytes during AIGP validation...
CVE-2023-41360
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation...
FRRouting FRR Buffer Error Vulnerability
FRRouting FRR is a suite of software that implements and manages various IPv4 and IPv6 routing protocols. A security vulnerability exists in FRRouting FRR version 9.0 and earlier. An attacker can exploit the vulnerability to read the initial bytes of the ORF header...
CVE-2023-38802
CVE-2023-38802 affects FRRouting FRR 7.5.1–9.0 and Pica8 PICOS 4.3.3.2. A remote attacker can cause a denial of service by sending a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation). Underlying cause is improper handling in BGP UPDATE processing. Impact is DoS; CVSS v3.1 ba...
FRRouting FRR Code Issue Vulnerability
FRRouting FRR is a suite of software that implements and manages various IPv4 and IPv6 routing protocols. A security vulnerability exists in FRRouting FRR version 9.0 and earlier versions, which stems from an attribute length of zero, and bgpd/bgp_packet.c handles NLRIs...
CVE-2023-41360
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation...
FRRouting FRR Security Vulnerability
FRRouting FRR is a suite of software that implements and manages various IPv4 and IPv6 routing protocols. A security vulnerability exists in FRRouting FRR versions 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2, which could allow a remote attacker to cause a denial of service via the use of corrupted...
CVE-2023-41358
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero...
CVE-2023-41358
FRR CVE-2023-41358 affects the BGP daemon (bgpd) where bgp_packet.c processes NLRIs when the attribute length is zero, enabling potential DoS by malformed BGP data. Affected product: FRRouting FRR. Root cause: zero-length attribute handling in BGP NLRI processing. Impact: denial of service (crash...
CVE-2023-41359
An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation...
FRRouting FRR Security Vulnerability
FRRouting FRR is a suite of software that implements and manages various IPv4 and IPv6 routing protocols. A security vulnerability exists in FRRouting FRR version 9.0 and earlier versions, which stems from the fact that the length of the rcv software version is not checked for excessive length...
CVE-2023-41361
An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version...
CVE-2023-41361
CVE-2023-41361 affects FRRouting FRR 9.0; the bgpd/bgp_open.c path does not check for an overly large rcv software version length, enabling a potential issue. The NVD/NIST entry confirms a critical impact (C:H/I:H/A:H). Debian/DEB LTS advisories indicate a fixed package is available in Debian; en...
CVE-2023-41361
An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version...
CVE-2023-38802
FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...