A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peek_for_as4_capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS. https://github.com/spwpun/pocs/blob/main/frr-bgpd.md https://github.com/spwpun/pocs https://github.com/FRRouting/frr/issues/13202
Created frr tracking bugs for this issue: Affects: fedora-all [bug 2184469]
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:6434 https://access.redhat.com/errata/RHSA-2023:6434