An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet (or the option length word, in case of an extended OPEN message), the FRR code reads of out of the bounds of the packet, throwing a SIGABRT signal and exiting. This results in a bgpd daemon restart, causing a Denial-of-Service condition.
References
Link | Resource |
---|---|
https://forescout.com | Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2023/09/msg00020.html | Mailing List Third Party Advisory |
https://www.debian.org/security/2023/dsa-5495 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-05-03T00:00:00
Updated: 2023-09-19T21:06:38.413024
Reserved: 2022-10-24T00:00:00
Link: CVE-2022-43681
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-05-03T12:16:30.070
Modified: 2024-02-16T18:20:03.417
Link: CVE-2022-43681
JSON object: View
Redhat Information
No data.
CWE