vulnerability
Ubuntu: USN-6240-1 (CVE-2023-3748): FRR vulnerability
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Jul 24, 2023 | Jul 25, 2023 | Jan 28, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Jul 24, 2023
Added
Jul 25, 2023
Modified
Jan 28, 2025
Description
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory flag set to enter an infinite loop and cause a denial of service.
Solution
ubuntu-upgrade-frr

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.