Unrated severityNVD Advisory· Published Aug 29, 2023· Updated Oct 2, 2024

CVE-2023-38283

Description

In OpenBGPD before 8.1, incorrect handling of BGP update data (length of path attributes) set by a potentially distant remote actor may cause the system to incorrectly reset a session. This is fixed in OpenBSD 7.3 errata 006.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

OpenBSD/OpenBGPDdescription
OpenBSD/OpenBGPDllm-create
Range: <8.1

Patches

Vulnerability mechanics

References

blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handlingmitre
ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/006_bgpd.patch.sigmitre
github.com/openbgpd-portable/openbgpd-portable/releases/tag/8.1mitre
news.ycombinator.com/itemmitre
www.openbsd.org/errata73.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000