Path Attribute Attack

Maria Matejka maria.matejka at nic.cz
Mon Sep 18 16:13:19 CEST 2023


Hello!

Can't open that link for whatever reason, anyway the last problem with sending an invalid path attribute in BGP, killing some sessions repeatedly, didn't affect BIRD at all.

Anyway, BIRD transferred this attribute (as unknown transitional) through the whole Internet, so we are now working on adding a possibility to delete (or also set) any BGP attribute, even unknown.

Hope that helps.
Maria


On 18 September 2023 15:41:32 CEST, Michael Lambert <lambert at andrew.cmu.edu> wrote:
>As outlined in https://kb.cert.org/vuls/id/347067, there is an attack that uses specially crafted Path Attributes in a BGP UPDATE message to disrupt peering sessions. I don’t recall seeing any discussions of this attack on this list. Is BIRD susceptible?
>
>Thanks,
>Michael
>
>

-- 
Maria Matejka (she/her) | BIRD Team Leader | CZ.NIC, z.s.p.o.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20230918/6d29921a/attachment.htm>


More information about the Bird-users mailing list