Back to bug 2196091
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Sandipan Roy | 2023-05-08 04:14:58 UTC | Blocks | 2193421 | |
| Sandipan Roy | 2023-05-08 04:22:59 UTC | Doc Text | A vulnerability was found in FRRouting. The issue was discovered in bgpd in FRRouting (FRR). By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case. NOTE: this behavior occurs in bgp_open_option_parse in the bgp_open.c file, a different location (with a different attack vector) relative to CVE-2022-40302. | |
| Sandipan Roy | 2023-05-08 04:23:49 UTC | Depends On | 2196093, 2196094 | |
| RaTasha Tillery-Smith | 2023-05-08 13:02:21 UTC | Doc Text | A vulnerability was found in FRRouting. The issue was discovered in bgpd in FRRouting (FRR). By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case. NOTE: this behavior occurs in bgp_open_option_parse in the bgp_open.c file, a different location (with a different attack vector) relative to CVE-2022-40302. | A vulnerability was found in FRRouting. The issue occurs in bgpd in FRRouting (FRR). By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart or out-of-bounds read). This flaw is possible due to inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case. This behavior occurs in the bgp_open_option_parse in the bgp_open.c file, a different location (with a different attack vector) relative to CVE-2022-40302. |
| FrantiĊĦek Hrdina | 2023-05-10 06:37:49 UTC | CC | fhrdina | |
| Sandipan Roy | 2023-05-10 09:09:21 UTC | Depends On | 2196093 | |
| Sandipan Roy | 2023-05-10 09:09:37 UTC | Depends On | 2196796 | |
| Red Hat Bugzilla | 2023-07-07 08:35:34 UTC | Assignee | security-response-team | nobody |
Back to bug 2196091