7 matches found
CVE-2023-38406
bgpd/bgpflowspec.c in FRRouting FRR before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."...
DEBIAN-CVE-2023-38406
bgpd/bgpflowspec.c in FRRouting FRR before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."...
CVE-2023-38406
bgpd/bgpflowspec.c in FRRouting FRR before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."...
Buffer overflow
bgpd/bgpflowspec.c in FRRouting FRR before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."...
CVE-2023-38406
CVE-2023-38406 affects FRRouting (FRR) in bgpd/bgp_flowspec.c, where an nlri length of zero leads to a flowspec overflow. Public references show FRR releases before 8.4.3 are vulnerable; a fix is provided in FRR 8.4.3 and later (up to 8.5.x per advisories). The vulnerability can enable a high-sev...
CVE-2023-38406
bgpd/bgpflowspec.c in FRRouting FRR before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."...
SUSE CVE-2023-41358
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero...