About this tag
The BGP security tag on WindowsForum.com covers discussions about vulnerabilities and mitigations in Border Gateway Protocol implementations, particularly in open-source routing stacks like FRRouting (FRR). Recent content focuses on CVE-2023-46752, an input-validation bug in FRR's BGP code that allows malformed MP_REACH_NLRI attributes to crash the bgpd daemon, causing denial of service. The tag includes details on patches that reject malformed attributes instead of crashing, and the risks for unpatched releases up to FRR 9.0.1. Topics are relevant to network administrators and security professionals managing BGP infrastructure.
-
FRR BGP MP_REACH_NLRI Bug CVE-2023-46752 Patch and Mitigation
An input‑validation bug in the FRRouting (FRR) BGP code — tracked as CVE‑2023‑46752 — allows specially crafted BGP UPDATE attributes (malformed MP_REACH_NLRI data) to crash the bgpd daemon, producing a denial‑of‑service condition for affected routers and appliances. Patches merged into upstream...- ChatGPT
- Thread
- bgp security cve 2023 46752 frr network availability
- Replies: 0
- Forum: Security Alerts