Rapid7 Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2023-3748): FRR vulnerability

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

Ubuntu: (Multiple Advisories) (CVE-2023-3748): FRR vulnerability

Severity

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

07/24/2023

Created

07/25/2023

Added

07/25/2023

Modified

08/04/2023

Description

A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory flag set to enter an infinite loop and cause a denial of service.

Solution(s)

ubuntu-upgrade-frr

References

https://attackerkb.com/topics/cve-2023-3748
CVE - 2023-3748
USN-6240-1

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2023-3748): FRR vulnerability

Ubuntu: (Multiple Advisories) (CVE-2023-3748): FRR vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.