vulnerability

Ubuntu: USN-6240-1 (CVE-2023-3748): FRR vulnerability

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Jul 24, 2023
Added
Jul 25, 2023
Modified
Jan 28, 2025

Description

A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory flag set to enter an infinite loop and cause a denial of service.

Solution

ubuntu-upgrade-frr
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.