CVE-2023-41360

Опубликовано: 29 авг. 2023

Источник: debian

EPSS Низкий

Описание

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation.

Пакет	Статус	Версия исправления	Релиз	Тип
frr	fixed	8.4.4-1.1		package
frr	fixed	8.4.4-1.1~deb12u1	bookworm	package
frr	not-affected		bullseye	package

https://github.com/FRRouting/frr/pull/14245
Fixed by: https://github.com/FRRouting/frr/commit/9b855a692e68e0d16467e190b466b4ecb6853702
Backport for stable/8.5: https://github.com/FRRouting/frr/pull/14249
Fixed by: https://github.com/FRRouting/frr/commit/3515178de4a56d66ed948a774efcbe4a854e1ca7

EPSS

Процентиль: 48%

0.00244

Низкий

CVE-2023-41360

CVSS3: 9.1

ubuntu

почти 2 года назад

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation.

CVE-2023-41360

CVSS3: 4.8

redhat

почти 2 года назад

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation.

CVE-2023-41360

CVSS3: 9.1

nvd

почти 2 года назад

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation.

CVE-2023-41360

CVSS3: 9.1

msrc

почти 2 года назад

Описание отсутствует

GHSA-8x46-qpq3-2pgp

CVSS3: 9.1

github

почти 2 года назад

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation.

EPSS

Процентиль: 48%

0.00244

Низкий