Back to bug 2223668
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Zack Miele | 2023-07-18 13:40:22 UTC | Alias | TRIAGE-CVE-2023-3748 | CVE-2023-3748 |
| Zack Miele | 2023-07-18 13:40:54 UTC | Summary | TRIAGE-CVE-2023-3748 frr: Inifinite loop in babld message parsing may cause DoS | CVE-2023-3748 frr: Inifinite loop in babld message parsing may cause DoS |
| Zack Miele | 2023-07-18 13:41:49 UTC | Depends On | 2223673 | |
| RaTasha Tillery-Smith | 2023-07-18 18:21:04 UTC | Doc Text | An issue was discovered in FRRouting when parsing certain babeld unicast hello messages that were intended to be ignored. An attacker could send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory flag set could enter an infinite loop and cause a denial of service. | A flaw was found in FRRouting when parsing certain babeld unicast hello messages that were intended to be ignored. This flaw allows an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory flag set to enter an infinite loop and cause a denial of service. |
| Michal Ruprich | 2023-07-19 14:13:46 UTC | Resolution | --- | NOTABUG |
| Doc Type | --- | If docs needed, set a value | ||
| Status | NEW | CLOSED | ||
| Last Closed | 2023-07-19 14:13:46 UTC | |||
| Michal Ruprich | 2023-07-19 14:15:02 UTC | Resolution | NOTABUG | --- |
| Status | CLOSED | NEW | ||
| Keywords | Reopened | |||
| Paige Jung | 2023-07-19 16:11:29 UTC | Doc Text | A flaw was found in FRRouting when parsing certain babeld unicast hello messages that were intended to be ignored. This flaw allows an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory flag set to enter an infinite loop and cause a denial of service. | A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory flag set to enter an infinite loop and cause a denial of service. |
| Product Security DevOps Team | 2023-08-01 12:27:30 UTC | Resolution | --- | NOTABUG |
| Status | NEW | CLOSED | ||
| Last Closed | 2023-07-19 14:13:46 UTC | 2023-08-01 12:27:30 UTC |
Back to bug 2223668