{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-41361", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-02T19:01:34.244Z", "dateReserved": "2023-08-29T00:00:00", "datePublished": "2023-08-29T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-09-19T21:06:35.409649"}, "descriptions": [{"lang": "en", "value": "An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/FRRouting/frr/pull/14241"}, {"name": "[debian-lts-announce] 20230919 [SECURITY] [DLA 3573-1] frr security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00020.html"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:01:34.244Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/FRRouting/frr/pull/14241", "tags": ["x_transferred"]}, {"name": "[debian-lts-announce] 20230919 [SECURITY] [DLA 3573-1] frr security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00020.html"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*", "matchCriteriaId": "21743BBD-2224-414A-9ECE-DDB43CCCD919", "versionEndIncluding": "9.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version."}, {"lang": "es", "value": "Se ha descubierto un problema en FRRouting FRR v9.0. \"bgpd/bgp_open.c\" no comprueba una longitud excesiva de la versi\u00f3n de software rcv. "}], "id": "CVE-2023-41361", "lastModified": "2023-10-26T19:52:51.877", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-29T04:15:17.027", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/FRRouting/frr/pull/14241"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00020.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "frr: does not check for an overly large length of the rcv software version", "id": "2235844", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235844"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.9", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-120", "details": ["An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version.", "A vulnerability was found in FRRouting stemming from a boundary error in bgpd/bgp_open.c. The issue arises because it fails to check for an excessively large length of the received software version (rcv). This flaw allows a remote attacker to overflow a buffer by sending specially crafted data to the application, leading to a denial of service condition."], "name": "CVE-2023-41361", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "frr", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "frr", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2023-08-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-41361\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-41361\nhttps://github.com/FRRouting/frr/pull/14241"], "statement": "In Red Hat Enterprise Linux 8 and 9, the vulnerable code is not included. It was added much later during the development of the 9.x version of FRR in upstream. The highest version of FRR utilized in RHEL is 8.5. Consequently, none of the FRR versions shipped in RHEL are affected by this vulnerability.", "threat_severity": "Moderate", "upstream_fix": "frr 9.1-rc, frr 9.0-rc"}