Skip to main content

Frrouting CVE-2023-41359

CRITICAL
Out-of-bounds Read (CWE-125)
2023-08-29 cve@mitre.org
9.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.1 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Aug 29, 2023 - 04:15 nvd
CRITICAL 9.1

DescriptionNVD

An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation.

AnalysisAI

An issue was discovered in FRRouting FRR through 9.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Read (CWE-125), which allows attackers to read data from memory outside the intended buffer boundaries. An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation. Affected products include: Frrouting, Fedoraproject Fedora. Version information: through 9.0..

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Validate array indices and buffer lengths. Use memory-safe languages. Enable AddressSanitizer during testing.

CVE-2022-37032 CRITICAL POC
9.1 Sep 19

An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of servi

CVE-2022-37035 HIGH POC
8.1 Aug 02

An issue was discovered in bgpd in FRRouting (FRR) 8.3. Rated high severity (CVSS 8.1), this vulnerability is remotely e

CVE-2022-26129 HIGH POC
7.8 Mar 03

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the subtlv length in the functio

CVE-2022-26128 HIGH POC
7.8 Mar 03

A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the

CVE-2022-26127 HIGH POC
7.8 Mar 03

A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to missing a check on the input packet length in t

CVE-2022-26126 HIGH POC
7.8 Mar 03

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to the use of strdup with a non-zero-terminated bin

CVE-2022-26125 HIGH POC
7.8 Mar 03

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd

CVE-2023-38802 HIGH POC
7.5 Aug 29

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a craft

CVE-2023-31490 HIGH POC
7.5 May 09

An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub

CVE-2023-38406 CRITICAL
9.8 Nov 06

bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow.". Rated

CVE-2023-41361 CRITICAL
9.8 Aug 29

An issue was discovered in FRRouting FRR 9.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploit

CVE-2023-31489 MEDIUM POC
5.5 May 09

An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_ll

Share

CVE-2023-41359 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy