Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2023-38406

UNKNOWN
Published 2023-11-06T00:00:00
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2023-38406. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed CRITICAL

GHSA-8jp5-89m5-6xp3

Advisory Details

bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."

CVSS Scoring

CVSS Score

9.0

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-38406
WEB https://github.com/FRRouting/frr/pull/12884
WEB https://github.com/FRRouting/frr/compare/frr-8.4.2...frr-8.4.3
WEB https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html

Advisory provided by GitHub Security Advisory Database. Published: November 6, 2023, Modified: April 28, 2024

References

https://github.com/FRRouting/frr/pull/12884
https://github.com/FRRouting/frr/compare/frr-8.4.2...frr-8.4.3
https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html
Published: 2023-11-06T00:00:00
Last Modified: 2024-08-02T17:39:13.557Z
Copied to clipboard!