[j-nsp] CVE-2023-4481

Tobias Heister lists at tobias-heister.de
Thu Aug 31 04:27:24 EDT 2023


Hi,

Am 30.08.2023 um 18:09 schrieb heasley via juniper-nsp:
> Tue, Aug 29, 2023 at 03:42:41PM -0700, David Sinn via juniper-nsp:
>> A network I operate is going with:
>>
>>          bgp-error-tolerance {
>>              malformed-route-limit 0;
>>          }
>>
>> The thoughts being that there is no real reason to retain the malformed route and the default of 1000 is arbitrary. We haven't really seen a rash of them, so adjusting the logging hasn't proven needed yet.
> 
> It does seem arbitrary.  retaining all seems like a better choice,
> operationally.  allowing the operator diagnose why a route is missing;
> show route .... hidden.

Which in theory opens a new attack vector for the future.

As the update is malformed it could do $something to the handling in 
e.g. RPD or other daemons by processing them somehow wrong. By not 
holding or further process any of them that could (maybe, hopefully?) be 
minimized.

Of course proper code and handling of malformed things would be even 
better, but you know ...

regards
Tobias


More information about the juniper-nsp mailing list