Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-43681
HistoryMay 03, 2023 - 12:00 a.m.

CVE-2022-43681

2023-05-0300:00:00
ubuntu.com
ubuntu.com
5
frrouting
bgp daemon
out-of-bounds read
denial-of-service

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

39.5%

An out-of-bounds read exists in the BGP daemon of FRRouting FRR through
8.4. When sending a malformed BGP OPEN message that ends with the option
length octet (or the option length word, in case of an extended OPEN
message), the FRR code reads of out of the bounds of the packet, throwing a
SIGABRT signal and exiting. This results in a bgpd daemon restart, causing
a Denial-of-Service condition.

Bugs

Notes

Author Note
mdeslaur Commits below fix CVE-2022-40302, CVE-2022-40318, CVE-2022-43681 Introduced by https://github.com/FRRouting/frr/commit/d08c0c8077fbb3e100ed2e87927edec1a09d224b

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

39.5%