frr: processes invalid NLRIs if attribute length is zero

A flaw was found in FRRouting, where it is susceptible to a denial of service vulnerability triggered by a NULL pointer dereference issue during the processing of Network Layer Reachability Information NLRIs with a zero attribute length. The vulnerability arises from inadequate validation of...

FRRouting FRR 代码问题漏洞

FRRouting FRR is a suite of software that implements and manages various IPV4 and IPV6 routing protocols. A security vulnerability exists in FRRouting FRR version 9.0 and earlier versions, which stems from an attribute length of zero, and bgpd/bgppacket.c handles NLRIs...

PT-2023-8899 · Unknown +9 · Frrouting Frr +9

Name of the Vulnerable Software and Affected Versions: FRRouting FRR versions through 9.0 Description: An issue was discovered in FRRouting FRR where the bgpd/bgp packet.c file processes NLRIs if the attribute length is zero. This can allow a remote attacker to cause a denial of service...