Description
An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_encap in bgpd/bgp_attr.c does not check the actual remaining stream length before taking the TLV value.
A flaw was found in FRRouting (FRR). The bgp_attr_encap function in bgpd/bgp_attr.c does not properly validate the remaining stream length before assigning the TLV value, which can cause the bgpd daemon to crash, resulting in a denial of service.
Statement
Due to security checks performed by FRR, the abort function is called when this flaw is triggered, terminating the process immediately. Thus, this issue can only cause the bgpd daemon to crash, resulting in a denial of service with no other security impact.
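The missing check named in the description, shown as an added example (not FRR's code and not its patch): a sub-TLV walker that compares each value length with the bytes actually remaining before using the value, and rejects the input instead of aborting. The 1-byte type / 1-byte length layout, the function name and the sample buffers are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample inputs (not captured traffic). */
static const uint8_t sample_ok[] = {0x01, 0x02, 0xAA, 0xBB, 0x02, 0x01, 0xCC};
static const uint8_t sample_truncated[] = {0x01, 0x04, 0xAA};

/*
 * Walk sub-TLVs in an assumed layout: 1-byte type, 1-byte length, value.
 * declared_len: length taken from the attribute header (peer-controlled).
 * avail:        bytes actually left in the receive buffer.
 * Returns the number of sub-TLVs, or -1 if any length is inconsistent.
 */
int parse_subtlvs(const uint8_t *buf, size_t avail, size_t declared_len)
{
    size_t pos = 0;
    int count = 0;

    while (declared_len > 0) {
        /* Header must fit in both the declared and the real remainder. */
        if (declared_len < 2 || avail - pos < 2)
            return -1;
        uint8_t type = buf[pos++];
        uint8_t vlen = buf[pos++];
        declared_len -= 2;
        (void)type;

        /* Compare the value length with the bytes really remaining,
         * not only with the declared length, before touching the value. */
        if (vlen > declared_len || vlen > avail - pos)
            return -1;

        /* The value occupies buf[pos] .. buf[pos + vlen - 1]. */
        pos += vlen;
        declared_len -= vlen;
        count++;
    }
    return count;
}

int main(void)
{
    printf("well-formed: %d\n", parse_subtlvs(sample_ok, sizeof sample_ok, 7));
    /* Header claims 6 bytes, only 3 arrived: rejected, no over-read. */
    printf("truncated:   %d\n",
           parse_subtlvs(sample_truncated, sizeof sample_truncated, 6));
    return 0;
}
```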
Mitigation
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Affected packages
Platform | Package | State | Recommendation | Release |
---|---|---|---|---|
Red Hat Enterprise Linux 8 | frr | Will not fix | | |
Red Hat Enterprise Linux 9 | frr | Will not fix | | |
Additional information
Status:
CVSS3: 7.5 High