CVE-2023-38406
Description
bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."
Mitigations
Mitigation details
Description
frr: Flowspec overflow in bgpd/bgp_flowspec.c
Red Hat statement
Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.
CVSS v3: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Errata / fixed releases
| Product | Package | Advisory | Released |
|---|---|---|---|
| Red Hat Enterprise Linux 8 | frr-0:7.5.1-13.el8_9.3 | RHSA-2024:0130 | 2024-01-10T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Extended Update Support | frr-0:7.5-11.el8_6.7 | RHSA-2024:1113 | 2024-03-05T00:00:00Z |
| Red Hat Enterprise Linux 8.8 Extended Update Support | frr-0:7.5.1-7.el8_8.5 | RHSA-2024:0574 | 2024-01-30T00:00:00Z |
| Red Hat Enterprise Linux 9 | frr-0:8.3.1-11.el9_3.2 | RHSA-2024:0477 | 2024-01-25T00:00:00Z |
| Red Hat Enterprise Linux 9.0 Extended Update Support | frr-0:8.0-5.el9_0.3 | RHSA-2024:1152 | 2024-03-05T00:00:00Z |
| Red Hat Enterprise Linux 9.2 Extended Update Support | frr-0:8.3.1-5.el9_2.4 | RHSA-2024:1093 | 2024-03-05T00:00:00Z |
Apply commands

```shell
yum update -y frr
# or:
dnf upgrade -y frr
```
OS impact
SUSE Affected 1 release
| Version | Status | Fixed in |
|---|---|---|
| – | Affected | – |
Debian Fixed 5 releases
| Version | Status | Fixed in |
|---|---|---|
| trixie | Fixed | 8.4.4-1 |
| sid | Fixed | 8.4.4-1 |
| forky | Fixed | 8.4.4-1 |
| bullseye | Fixed | 7.5.1-1.1+deb11u3 |
| bookworm | Fixed | 8.4.4-1.1~deb12u1 |
Red Hat Fixed 2 releases
| Version | Status | Fixed in |
|---|---|---|
| 9 | Fixed | – |
| 8 | Fixed | – |
Rocky Linux Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| 8 | Fixed | – |
References
- https://access.redhat.com/errata/RHSA-2024:0477
- https://errata.rockylinux.org/RLSA-2024:0130
- https://security-tracker.debian.org/tracker/CVE-2023-38406
- https://www.suse.com/security/cve/CVE-2023-38406.html
- https://access.redhat.com/errata/RHSA-2024:0130
- https://bugzilla.redhat.com/2248207
- https://bugzilla.redhat.com/2248208
- https://bugzilla.redhat.com/2248526
- https://bugzilla.redhat.com/2248528
- https://errata.almalinux.org/8/ALSA-2024-0130.html
- https://errata.almalinux.org/9/ALSA-2024-0477.html