An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 Nov 2024, 08:21
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/FRRouting/frr/pull/13222/commits/cfd04dcb3e689754a72507d086ba3b9709fc5ed8 - Patch | |
References | () https://lists.debian.org/debian-lts-announce/2023/09/msg00020.html - Mailing List, Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JLG64IF3FU7V76K4TKCCXVNEE6P2VUDO/ - Mailing List | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LMJNX44SMJM25JZO7XWHDQCOB4SNJPIE/ - Mailing List | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXR6PIVY4SWO7HDT4EY733H4X32SCPM4/ - Mailing List |
22 Dec 2023, 21:17
Type | Values Removed | Values Added |
---|---|---|
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JLG64IF3FU7V76K4TKCCXVNEE6P2VUDO/ - Mailing List | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXR6PIVY4SWO7HDT4EY733H4X32SCPM4/ - Mailing List | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LMJNX44SMJM25JZO7XWHDQCOB4SNJPIE/ - Mailing List | |
First Time |
Fedoraproject fedora
Fedoraproject |
|
CPE | cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* |
15 Nov 2023, 05:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
26 Oct 2023, 19:52
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) https://lists.debian.org/debian-lts-announce/2023/09/msg00020.html - Mailing List, Third Party Advisory | |
First Time |
Debian debian Linux
Debian |
|
CPE | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* |
19 Sep 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
08 Sep 2023, 16:49
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:* | |
CWE | CWE-476 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
First Time |
Frrouting
Frrouting frrouting |
|
References | (MISC) https://github.com/FRRouting/frr/pull/13222/commits/cfd04dcb3e689754a72507d086ba3b9709fc5ed8 - Patch |
05 Sep 2023, 07:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-05 07:15
Updated : 2024-11-21 08:21
NVD link : CVE-2023-41909
Mitre link : CVE-2023-41909
CVE.ORG link : CVE-2023-41909
JSON object : View
Products Affected
fedoraproject
- fedora
debian
- debian_linux
frrouting
- frrouting
CWE
CWE-476
NULL Pointer Dereference