2278569 – (CVE-2023-46565) CVE-2023-46565 gobgp: buffer overflow via handlingError() function in pkg/server/fsm.go

Bug 2278569 (CVE-2023-46565) - CVE-2023-46565 gobgp: buffer overflow via handlingError() function in pkg/server/fsm.go

Summary: CVE-2023-46565 gobgp: buffer overflow via handlingError() function in pkg/ser...

Keywords:
Status:	NEW
Alias:	CVE-2023-46565
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2278570
TreeView+	depends on / blocked

Reported:	2024-05-02 05:21 UTC by TEJ RATHI
Modified:	2024-05-02 14:10 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	---
Doc Text:	A buffer overflow vulnerability has been detected in osrg gobgp. This flaw allows a remote attacker to initiate a denial of service attack. This vulnerability arises due to improper handling of errors within the handlingError function located in pkg/server/fsm.go.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description TEJ RATHI 2024-05-02 05:21:04 UTC

Buffer Overflow vulnerability in osrg gobgp commit 419c50dfac578daa4d11256904d0dc182f1a9b22 allows a remote attacker to cause a denial of service via the handlingError function in pkg/server/fsm.go.

https://github.com/osrg/gobgp/issues/2725

Note You need to log in before you can comment on or make changes to this bug.