CVE-2023-38802

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 29, 2023

Updated: Dec 22, 2023

CWE ID 354

Summary

CVE-2023-38802 is a denial-of-service vulnerability affecting FRRouting versions 7.5.1 to 9.0 and Pica8 PICOS 4.3.3.2. An attacker can exploit this issue by sending a crafted BGP update with a corrupted Attribute 23 (Tunnel Encapsulation). Successful exploitation results in a denial-of-service condition. Users are advised to apply the vendor-provided patches as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Frrouting
Debian
Fedora Operating System

Affected Vendors

Debian
Fedora Project
Pica8

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sG63pm
https://www.cve.org/CVERecord?id=CVE-2023-38802
https://nvd.nist.gov/vuln/detail/CVE-2023-38802

Back to Vulnerability Database