VYPR

Katran

by Facebook

CVEs (1)

  • CVE-2023-49062Nov 28, 2023
    risk 0.00cvss epss 0.01

    Katran could disclose non-initialized kernel memory as part of an IP header. The issue was present for IPv4 encapsulation and ICMP (v4) Too Big packet generation. After a bpf_xdp_adjust_head call, Katran code didn’t initialize the Identification field for the IPv4 header,…