CVE-2023-41358

Опубликовано: 29 авг. 2023

Источник: debian

EPSS Низкий

Описание

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero.

Пакет	Статус	Версия исправления	Релиз	Тип
frr	fixed	8.4.4-1.1		package

https://github.com/FRRouting/frr/pull/14260
Fixed by: https://github.com/FRRouting/frr/commit/28ccc24d38df1d51ed8a563507e5d6f6171fdd38
Backport for stable/8.5: https://github.com/FRRouting/frr/pull/14270
Fixed by: https://github.com/FRRouting/frr/commit/f291f1ee9434f56d4b185db0652794a92e313b00

EPSS

Процентиль: 52%

0.00294

Низкий

CVE-2023-41358

CVSS3: 7.5

ubuntu

почти 2 года назад

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero.

CVE-2023-41358

CVSS3: 7.5

redhat

почти 2 года назад

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero.

CVE-2023-41358

CVSS3: 7.5

nvd

почти 2 года назад

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero.

CVE-2023-41358

CVSS3: 7.5

msrc

почти 2 года назад

Описание отсутствует

GHSA-wpmx-4jmr-jx6r

CVSS3: 7.5

github

почти 2 года назад

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero.

EPSS

Процентиль: 52%

0.00294

Низкий