Vulnerabilities > CVE-2023-38407 - Unspecified vulnerability in Frrouting
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.
Vulnerable Configurations
References
- https://github.com/FRRouting/frr/compare/frr-8.5-rc...frr-8.5
- https://github.com/FRRouting/frr/compare/frr-8.5-rc...frr-8.5
- https://github.com/FRRouting/frr/pull/12951
- https://github.com/FRRouting/frr/pull/12951
- https://github.com/FRRouting/frr/pull/12956
- https://github.com/FRRouting/frr/pull/12956
- https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html