Page MenuHomeVyOS Platform

bgp: Use treat-as-withdraw for tunnel encapsulation attribute CVE-2023-38802
Closed, ResolvedPublicBUG

Details

Version
1.3.0
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Unspecified (please specify)

Related Objects

Mentioned In
1.3.4

Event Timeline

c-po claimed this task.
c-po triaged this task as High priority.

1.4 running FRR9 is already mitigated

Added backport for FRR 7.5 https://github.com/FRRouting/frr/pull/14381

Added PR for 1.3 to already include this patch before it's merged upstream https://github.com/vyos/vyos-build/pull/398

c-po closed this task as Unknown Status.Sep 10 2023, 2:14 PM
c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.4) board.
c-po changed the task status from Unknown Status to Resolved.Sep 11 2023, 5:14 AM