Incorrect length handling of path attributes in BGP packets can lead to a session reset.
Created frr tracking bugs for this issue: Affects: fedora-all [bug 2236442]
# Upstream Fix: - https://github.com/FRRouting/frr/pull/14290 - https://github.com/FRRouting/frr/issues/14289
References: - https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling - https://github.com/advisories/GHSA-xh4f-v933-c556 - https://nvd.nist.gov/vuln/detail/CVE-2023-38802 - http://tools.ietf.org/html/rfc4271 - https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/006_bgpd.patch.sig
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2023:5196 https://access.redhat.com/errata/RHSA-2023:5196
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:5194 https://access.redhat.com/errata/RHSA-2023:5194
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:5195 https://access.redhat.com/errata/RHSA-2023:5195
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:5219 https://access.redhat.com/errata/RHSA-2023:5219
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2023:5464 https://access.redhat.com/errata/RHSA-2023:5464
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:5457 https://access.redhat.com/errata/RHSA-2023:5457
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:5465 https://access.redhat.com/errata/RHSA-2023:5465