CVE-2023-38802

Published: Aug 29, 2023

Modified: Oct 2, 2024

PUBLISHED

Description

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling

https://news.ycombinator.com/item?id=37305800

DSA-5495

vendor-advisory

[debian-lts-announce] 20230919 [SECURITY] [DLA 3573-1] frr security update

mailing-list

FEDORA-2023-514db5339e

vendor-advisory

FEDORA-2023-ce436d56f8

vendor-advisory

FEDORA-2023-61abba57d8

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-38802

Description

Affected Products

References