Path Attribute Attack
Ondrej Zajicek
santiago at crfreenet.org
Mon Sep 18 16:10:23 CEST 2023
On Mon, Sep 18, 2023 at 09:41:32AM -0400, Michael Lambert wrote:
> As outlined in https://kb.cert.org/vuls/id/347067, there is an attack that uses specially crafted Path Attributes in a BGP UPDATE message to disrupt peering sessions. I don’t recall seeing any discussions of this attack on this list. Is BIRD susceptible?
Hi
AFAIK it is not. See 'Unimpacted Vendors' in:
https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling
--
Elen sila lumenn' omentielvo
Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
More information about the Bird-users
mailing list