Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Researchers Uncover New BGP Flaws in Popular Internet Routing Protocol Software (FRR v 8.4)

    Scheduled Pinned Locked Moved FRR
    2 Posts 2 Posters 319 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • bingo600B
      bingo600
      last edited by

      I'm not using it , but doesn't pfSense use this ??

      https://thehackernews.com/2023/05/researchers-uncover-new-bgp-flaws-in.html

      /Bingo

      If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

      pfSense+ 23.05.1 (ZFS)

      QOTOM-Q355G4 Quad Lan.
      CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
      LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

      M 1 Reply Last reply Reply Quote 0
      • M
        michmoor LAYER 8 Rebel Alliance @bingo600
        last edited by

        @bingo600 If im reading this section correctly....

        ""The DoS condition may be prolonged indefinitely by repeatedly sending malformed packets. The main root cause is the same vulnerable code pattern copied into several functions related to different stages of parsing OPEN messages."

        then the only way to be impacted by this is for the attacker to have compromised a bgp speaking system. BGP peers are established typically with defined neighbors in the configuration so you are not getting an OPEN message from an unknown neighbor. The exception to that would be if you have a BGP configuration and accept any connections from any neighbor -- which i do see within an enterprise. But i think that feature isnt even supported on pfsense. I remember seeing a forum post asking for such a feature in FRR.

        Firewall: NetGate,Palo Alto-VM,Juniper SRX
        Routing: Juniper, Arista, Cisco
        Switching: Juniper, Arista, Cisco
        Wireless: Unifi, Aruba IAP
        JNCIP,CCNP Enterprise

        1 Reply Last reply Reply Quote 1
        • jimpJ jimp moved this topic from Routing and Multi WAN on
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.