Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-40302

Опубликовано: 03 мая 2023
Источник: redhat
CVSS3: 6.5
EPSS Низкий

Описание

An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case.

A vulnerability was found in FRRouting. The issue occurs in bgpd in FRRouting (FRR). By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart or out-of-bounds read). This flaw is possible due to inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 8frrNot affected
Red Hat Enterprise Linux 9frrFixedRHSA-2023:643407.11.2023

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=2196090frr: denial of service by crafting a BGP OPEN message with an option of type 0xff

EPSS

Процентиль: 32%
0.00121
Низкий

6.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-40302

CVSS3: 6.5
ubuntu
около 2 лет назад

An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case.

nvd логотип

CVE-2022-40302

CVSS3: 6.5
nvd
около 2 лет назад

An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case.

debian логотип

CVE-2022-40302

CVSS3: 6.5
debian
около 2 лет назад

An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By cra ...

github логотип

GHSA-j7hm-p94x-q9pw

CVSS3: 7.5
github
около 2 лет назад

An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case.

fstec логотип

BDU:2023-02322

CVSS3: 6.5
fstec
около 2 лет назад

Уязвимость компонента BGP OPEN Message Handler программного средства реализации сетевой маршрутизации на Unix-подобных системах FRRouting связана с выходом операции за границами буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании

EPSS

Процентиль: 32%
0.00121
Низкий

6.5 Medium

CVSS3