14 matches found
CVE-2026-5122
A flaw was found in osrg GoBGP. A remote attacker could exploit a vulnerability in the BGP OPEN Message Handler by manipulating the domainNameLen argument within the DecodeFromBytes function. This could lead to improper access controls, potentially allowing unauthorized access or modification of...
Linux Distros Unpatched Vulnerability : CVE-2026-5122
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security flaw has been discovered in osrg GoBGP up to 4.3.0. This affects the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP...
Incorrect Privilege Assignment
Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the CapFQDN.DecodeFromBytes function of the BGP OPEN Message Handler. An attacker can bypass intended access controls by manipulating the domainNameLen argument remotely, potentially resulting in...
Moderate: Red Hat Security Advisory: frr security and bug fix update
An update for frr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Denial Of Service
libfrr.so is vulnerable to Denial Of Service attack. This is possible because of an inconsistent boundary check. Attackers can cause an out of bound read by BGP OPEN message with an option of type 0xff...
Denial Of Service
libfrr.so is vulnerable to Denial of Service attack. When sending a malformed BGP OPEN message that ends with optional length octet, an out of bounds read can occur which throws an error. This results into an application crash leading to DoS attack...
Denial Of Service (DoS)
frr is vulnerable to Denial of Service DoS attacks. By crafting a BGP OPEN message with an option of type 0xff, an attacker is able to cause a denial of service conditions due to inconsistent boundary checks that do not account for reading 3 bytes instead of 2 in this 0xff case...
CVE-2022-40302
An issue was discovered in bgpd in FRRouting FRR through 8.4. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...
CVE-2022-40318
An issue was discovered in bgpd in FRRouting FRR through 8.4. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...
CVE-2022-40302
An issue was discovered in bgpd in FRRouting FRR through 8.4. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...
CVE-2022-40318
An issue was discovered in bgpd in FRRouting FRR through 8.4. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...
CVE-2022-40302
An issue was discovered in bgpd in FRRouting FRR through 8.4. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...
CVE-2022-40302
An issue was discovered in bgpd in FRRouting FRR through 8.4. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...
CVE-2022-40318
CVE-2022-40318 (FRR bgpd) : In FRR up to 8.4, FRR’s bgp_open_option_parse() mishandles an option of type 0xff (Extended Length from RFC 9072), with boundary checks that don’t account for reading 3 bytes, causing denial of service via assertion failure and bgpd restart, or an out-of-bounds read. A...