CVE-2023-31490
Published: 09 May 2023
Summary
CVE-2023-31490 is a high-severity vulnerability with an unspecified weakness type affecting Debian Linux. Its CVSS base score is 7.5 (High).
Operationally, it is ranked in the top 11.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CVE-2023-31490 is a denial-of-service vulnerability in FRRouting's bgpd component at version 8.4.2. The flaw resides in the bgp_attr_psid_sub() function and carries a CVSS 3.1 base score of 7.5, reflecting network attack vector, low complexity, and high impact on availability with no requirements for authentication or user interaction.
A remote attacker can send crafted BGP messages that trigger the vulnerable code path, resulting in a crash or service interruption of the affected routing daemon. No privileges are needed, so any reachable BGP peer or unauthenticated network source can initiate the attack.
Advisories from Debian LTS and multiple Fedora package lists reference updated FRRouting builds that address the issue; operators are expected to apply the corresponding distribution updates to eliminate the affected code.
EPSS for the CVE rose from a low baseline to a recorded peak of 0.0737 before receding to the current value of 0.0424, indicating a period of increased exploitation interest after public disclosure. No confirmed in-the-wild exploitation details are provided in the available references.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-35795
Vulnerability details
An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() function.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.