Skip to main content

Frrouting CVE-2023-38406

CRITICAL
Improper Handling of Exceptional Conditions (CWE-755)
2023-11-06 cve@mitre.org
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Nov 06, 2023 - 06:15 nvd
CRITICAL 9.8

DescriptionNVD

bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."

AnalysisAI

bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow.". Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-755. bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow." Affected products include: Frrouting. Version information: before 8.4.3.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2022-37032 CRITICAL POC
9.1 Sep 19

An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of servi

CVE-2022-37035 HIGH POC
8.1 Aug 02

An issue was discovered in bgpd in FRRouting (FRR) 8.3. Rated high severity (CVSS 8.1), this vulnerability is remotely e

CVE-2022-26129 HIGH POC
7.8 Mar 03

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the subtlv length in the functio

CVE-2022-26128 HIGH POC
7.8 Mar 03

A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the

CVE-2022-26127 HIGH POC
7.8 Mar 03

A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to missing a check on the input packet length in t

CVE-2022-26126 HIGH POC
7.8 Mar 03

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to the use of strdup with a non-zero-terminated bin

CVE-2022-26125 HIGH POC
7.8 Mar 03

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd

CVE-2023-38802 HIGH POC
7.5 Aug 29

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a craft

CVE-2023-31490 HIGH POC
7.5 May 09

An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub

CVE-2023-41361 CRITICAL
9.8 Aug 29

An issue was discovered in FRRouting FRR 9.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploit

CVE-2023-31489 MEDIUM POC
5.5 May 09

An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_ll

CVE-2023-41360 CRITICAL
9.1 Aug 29

An issue was discovered in FRRouting FRR through 9.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely

Share

CVE-2023-38406 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy