CVE-2023-47235

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published: Nov 3, 2023
Updated: Jul 3, 2024

Summary

CVE-2023-47235 is a vulnerability affecting FRRouting (FRR) versions up to 9.0.1. A maliciously crafted BGP UPDATE message containing an End-of-RIB (EOR) marker can crash FRR: processing such a message does not result in the expected treat-as-withdraw behavior, which leaves the system open to denial-of-service attacks. The issue is a risk to networks that use FRR for BGP routing. Affected systems should be updated to the latest stable version of FRR to mitigate this vulnerability.
