CVE-2023-46753

Опубликовано: 26 окт. 2023

Источник: redhat

CVSS3: 5.9

Описание

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute.

A flaw was found in FRRouting. A crash can occur for a crafted BGP UPDATE message without mandatory attributes (for example, one with only an unknown transit attribute).

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-400

https://bugzilla.redhat.com/show_bug.cgi?id=2246381frr: crafted BGP UPDATE message leading to a crash

5.9 Medium

CVSS3

Связанные уязвимости

CVE-2023-46753

CVSS3: 5.9

ubuntu

больше 1 года назад

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute.

CVE-2023-46753

CVSS3: 5.9

nvd

больше 1 года назад

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute.

CVE-2023-46753

CVSS3: 5.9

msrc

больше 1 года назад

Описание отсутствует

CVE-2023-46753

CVSS3: 5.9

debian

больше 1 года назад

An issue was discovered in FRRouting FRR through 9.0.1. A crash can oc ...

GHSA-33fq-cj88-4v27

CVSS3: 7.5

github

больше 1 года назад

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute.

5.9 Medium

CVSS3