mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-14 05:49:57 +00:00
Armin Kuster
799e0847cc
An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference. References: https://nvd.nist.gov/vuln/detail/CVE-2023-41909 https://security-tracker.debian.org/tracker/CVE-2023-41909 Signed-off-by: Narpat Mali <narpat.mali@windriver.com> [Minor fixup ] Signed-off-by: Armin Kuster <akuster808@gmail.com>