15 matches found
Siemens Ruggedcom ROX NULL Pointer Dereference (CVE-2023-41358)
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; i...
quagga: Fix of 2 CVEs
CVE-2023-41360: don't read the first byte of ORF header if we are ahead of stream - CVE-2023-41358: do not process NLRIs if the attribute length is zero...
CLSA-2023-1697817200 quagga: Fix of 2 CVEs
CVE-2023-41360: don't read the first byte of ORF header if we are ahead of stream - CVE-2023-41358: do not process NLRIs if the attribute length is zero...
SUSE SLES15 / openSUSE 15 Security Update : quagga (SUSE-SU-2023:3839-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3839-1 advisory. - FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a...
SUSE-SU-2023:3839-1 Security update for quagga
This update for quagga fixes the following issues: - CVE-2023-38802: Fixed bad length handling in BGP attribute handling bsc1213284. - CVE-2023-41358: Fixed possible crash when processing NLRIs if the attribute length is zero bsc1214735...
SUSE-SU-2023:3836-1 Security update for quagga
This update for quagga fixes the following issues: - CVE-2023-38802: Fixed bad length handling in BGP attribute handling bsc1213284. - CVE-2023-41358: Fixed possible crash when processing NLRIs if the attribute length is zero bsc1214735...
SUSE-SU-2023:3793-1 Security update for quagga
This update for quagga fixes the following issues: - CVE-2023-38802: Fixed bad length handling in BGP attribute handling bsc1213284. - CVE-2023-41358: Fixed possible crash when processing NLRIs if the attribute length is zero bsc1214735...
SUSE-SU-2023:3762-1 Security update for frr
This update for frr fixes the following issues: - CVE-2023-38802: Fixed bad length handling when processing BGP attributes. bsc1213284 - CVE-2023-41358: Fixed a possible crash when processing NLRIs with an attribute length of zero. bsc1214735 - CVE-2023-41909: Fixed NULL pointer dereference due t...
CVE-2023-41358
A flaw was found in FRRouting, where it is susceptible to a denial of service vulnerability triggered by a NULL pointer dereference issue during the processing of Network Layer Reachability Information NLRIs with a zero attribute length. The vulnerability arises from inadequate validation of...
CVE-2023-41358
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero...
CVE-2023-41358
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero...
CVE-2023-41358
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero...
Design/Logic Flaw
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero...
CVE-2023-41358
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero...
CVE-2023-41358
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero...