Описание
An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation.
A flaw was found in FRRouting that involves a heap-based buffer overflow in the bgp_attr_aigp_valid() function within bgpd/bgp_attr.c. This flaw allows a remote attacker to send specially crafted data to the application, initiating an out-of-bounds read error and executing a denial of service (DoS) attack.
Отчет
In Red Hat Enterprise Linux 8, the vulnerable code is not included. It was added in FRR-8.5 in upstream. The highest version of FRR utilized in RHEL-8 is 7.5. Hence, versions of FRR shipped with RHEL-8 are not affected by this vulnerability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 8 | frr | Not affected | ||
| Red Hat Enterprise Linux 9 | frr | Fixed | RHSA-2024:2156 | 30.04.2024 |
Показывать по
Дополнительная информация
Статус:
5.9 Medium
CVSS3
Связанные уязвимости
An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation.
An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation.
An issue was discovered in FRRouting FRR through 9.0. There is an out- ...
An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation.
5.9 Medium
CVSS3