[Bug 1223794] New: VUL-0: CVE-2023-46565: TRACKERBUG: gobgp: buffer overflow via handlingError() function in pkg/server/fsm.go

2 May 2024

      https://bugzilla.suse.com/show_bug.cgi?id=1223794

            Bug ID: 1223794
           Summary: VUL-0: CVE-2023-46565: TRACKERBUG: gobgp: buffer
                    overflow via handlingError() function in
                    pkg/server/fsm.go
    Classification: openSUSE
           Product: openSUSE Tumbleweed
           Version: Current
          Hardware: Other
               URL: https://smash.suse.de/issue/403566/
                OS: Other
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: Virtualization:Other
          Assignee: asarai@suse.com
          Reporter: camila.matos@suse.com
        QA Contact: qa-bugs@suse.de
                CC: camila.matos@suse.com, qa-bugs@suse.de,
                    screening-team-bugs@suse.de, smash_bz@suse.de
            Blocks: 1223793
  Target Milestone: ---
          Found By: Security Response Team
           Blocker: ---

+++ This bug was initially created as a clone of Bug #1223793 +++

Buffer Overflow vulnerability in osrg gobgp commit
419c50dfac578daa4d11256904d0dc182f1a9b22 allows a remote attacker to cause a
denial of service via the handlingError function in pkg/server/fsm.go.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46565
https://www.cve.org/CVERecord?id=CVE-2023-46565
https://github.com/osrg/gobgp/issues/2725
https://bugzilla.redhat.com/show_bug.cgi?id=2278569
-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug 1223794] New: VUL-0: CVE-2023-46565: TRACKERBUG: gobgp: buffer overflow via handlingError() function in pkg/server/fsm.go

bugzilla_noreply＠suse.com