MidnightBSD

Advisories for pica8

CVE-2023-38802

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 38
fedoraproject fedora 37
pica8 picos 4.3.3.2
debian debian_linux 12.0
frrouting frrouting *
debian debian_linux 11.0
fedoraproject fedora 39