2230983 – (CVE-2023-38802) CVE-2023-38802 frr: Incorrect handling of a error in parsing of an invalid section of a BGP update can de-peer a router

Bug 2230983 (CVE-2023-38802) - CVE-2023-38802 frr: Incorrect handling of a error in parsing of an invalid section of a BGP update can de-peer a router

Summary: CVE-2023-38802 frr: Incorrect handling of a error in parsing of an invalid se...

Keywords:
Status:	NEW
Alias:	CVE-2023-38802
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2231000 2231001 2231062 2231063 2236442 2236704 2236705 2236706 2236707 2236708 2236709 2236710 2236711
Blocks:	2230985
TreeView+	depends on / blocked

Reported:	2023-08-10 10:26 UTC by msiddiqu
Modified:	2024-01-29 06:17 UTC (History)
CC List:	9 users (show)
Fixed In Version:	frr 9.1, frr 8.4-stable
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2023:5194	None	None	None	2023-09-18 13:49:22 UTC
Red Hat Product Errata	RHSA-2023:5195	None	None	None	2023-09-18 13:57:25 UTC
Red Hat Product Errata	RHSA-2023:5196	None	None	None	2023-09-18 13:49:05 UTC
Red Hat Product Errata	RHSA-2023:5219	None	None	None	2023-09-19 08:00:35 UTC
Red Hat Product Errata	RHSA-2023:5457	None	None	None	2023-10-05 13:41:54 UTC
Red Hat Product Errata	RHSA-2023:5464	None	None	None	2023-10-05 13:01:43 UTC
Red Hat Product Errata	RHSA-2023:5465	None	None	None	2023-10-05 14:36:31 UTC

Description msiddiqu 2023-08-10 10:26:01 UTC

Incorrect length handling of path attributes in BGP packets can lead to a session reset.

Comment 7 msiddiqu 2023-08-31 10:03:54 UTC

Created frr tracking bugs for this issue:

Affects: fedora-all [bug 2236442]

Comment 8 msiddiqu 2023-08-31 10:04:41 UTC

# Upstream Fix: 

- https://github.com/FRRouting/frr/pull/14290
- https://github.com/FRRouting/frr/issues/14289

Comment 9 msiddiqu 2023-08-31 10:17:19 UTC

References: 
 
- https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling
- https://github.com/advisories/GHSA-xh4f-v933-c556
- https://nvd.nist.gov/vuln/detail/CVE-2023-38802
- http://tools.ietf.org/html/rfc4271
- https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/006_bgpd.patch.sig

Comment 12 errata-xmlrpc 2023-09-18 13:49:03 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2023:5196 https://access.redhat.com/errata/RHSA-2023:5196

Comment 13 errata-xmlrpc 2023-09-18 13:49:20 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:5194 https://access.redhat.com/errata/RHSA-2023:5194

Comment 14 errata-xmlrpc 2023-09-18 13:57:24 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:5195 https://access.redhat.com/errata/RHSA-2023:5195

Comment 15 errata-xmlrpc 2023-09-19 08:00:33 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:5219 https://access.redhat.com/errata/RHSA-2023:5219

Comment 16 errata-xmlrpc 2023-10-05 13:01:42 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:5464 https://access.redhat.com/errata/RHSA-2023:5464

Comment 17 errata-xmlrpc 2023-10-05 13:41:53 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:5457 https://access.redhat.com/errata/RHSA-2023:5457

Comment 18 errata-xmlrpc 2023-10-05 14:36:29 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:5465 https://access.redhat.com/errata/RHSA-2023:5465

Note You need to log in before you can comment on or make changes to this bug.