CVE-2023-31490: 
Rocky Linux vulnerability analysis and mitigation

CVE-2023-31490 is a security vulnerability discovered in FRRouting (FRR) bgpd version 8.4.2. The vulnerability was disclosed on May 9, 2023, and affects the bgpattrpsid_sub() function. This vulnerability allows remote attackers to cause a denial of service condition in the BGP daemon (NVD, Debian Security).

The vulnerability stems from a missing length check in the bgpattrpsidsub() function when processing BGPPREFIXSIDSRV6L3SERVICE type packets. When a maliciously crafted PSID TLV with Type = 5 and Length = 0 is received, it can trigger a crash in the BGP daemon. The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (NVD, GitHub Issue).

The successful exploitation of this vulnerability results in a denial of service condition, affecting the availability of the BGP daemon. This can disrupt network routing operations and affect the overall network stability of systems running the vulnerable FRRouting software (NVD).

Multiple Linux distributions have released security updates to address this vulnerability. Debian has fixed the issue in version 7.5.1-1.1+deb11u2 for Debian 11 (Bullseye) and version 8.4.4-1.1~deb12u1 for Debian 12 (Bookworm). Fedora has addressed the vulnerability in versions 8.5.3-1.fc37, 8.5.3-1.fc38, and 8.5.3-1.fc39 for Fedora 37, 38, and 39 respectively (Debian Security, Fedora Update).