Lucene search

K
osvGoogleOSV:USN-6794-1
HistoryMay 28, 2024 - 3:29 p.m.

frr vulnerabilities

2024-05-2815:29:21
Google
osv.dev
4
frr
security vulnerabilities
denial of service
arbitrary code

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

7.9

Confidence

High

EPSS

0

Percentile

15.5%

It was discovered that FRR incorrectly handled certain malformed BGP and
OSPF packets. A remote attacker could use this issue to cause FRR to crash,
resulting in a denial of service, or possibly execute arbitrary code.

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

7.9

Confidence

High

EPSS

0

Percentile

15.5%