2437 matches found
CVE-2026-37459
An integer underflow in FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...
CVE-2026-37461
An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...
UBUNTU-CVE-2026-37461
An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...
GoBGP has an Improper Resource Shutdown or Release
A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...
Buffer Overflow
Overview Affected versions of this package are vulnerable to Buffer Overflow in the DecodeFromBytes function of the AIGP Attribute Parser. An attacker can execute arbitrary code, cause a denial of service, or compromise data integrity and confidentiality by sending specially crafted BGP packets t...
UBUNTU-CVE-2026-7734
A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...
UBUNTU-CVE-2026-7735
A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component AIGP Attribute Parser. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely. Upgrading...
EUVD-2026-26917
A vulnerability was identified in osrg GoBGP up to 4.3.0. Affected by this issue is the function BMPPeerUpNotification.ParseBody/BMPStatisticsReport.ParseBody of the file pkg/packet/bmp/bmp.go of the component BMP Parser. The manipulation leads to out-of-bounds read. The attack can be initiated...
CVE-2026-7736 osrg GoBGP mrt.go parseRibEntry integer underflow
A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this...
CVE-2026-7736
A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this...
CVE-2026-7735 osrg GoBGP AIGP Attribute bgp.go PathAttributeAigp.DecodeFromBytes buffer overflow
A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component AIGP Attribute Parser. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely. Upgrading...
EUVD-2026-26914
A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...
PT-2026-36875
Name of the Vulnerable Software and Affected Versions FRRouting FRR versions 10.0 through 10.6 Description An integer underflow occurs when a program calculates a value that is smaller than the minimum value the variable can hold, often wrapping around to a very large number. This issue allows...
CVE-2026-37459
An integer underflow in FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...
EUVD-2026-27047
An integer underflow in FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...
CVE-2026-37461
An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...
PT-2026-36780
Name of the Vulnerable Software and Affected Versions osrg GoBGP versions prior to 4.4.0 Description A remote out-of-bounds read can occur within the BMP Parser component. The issue exists in the BMPPeerUpNotification.ParseBody and BMPStatisticsReport.ParseBody functions located in the...
CVE-2026-37461
An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...
CVE-2026-37459
FRRouting (FRR) versions stable/10.0 through stable/10.6 are affected by an integer underflow in BGP UPDATE processing, allowing an attacker to induce a Denial of Service. The vulnerability arises in the handling of crafted BGP UPDATE messages. No explicit exploit details or affected product name...
CVE-2026-37461
CVE-2026-37461 describes an out-of-bounds read in gobgp v4.3.0, in the ParseIP6Extended function (/bgp/bgp.go). The vulnerability can be exploited by a crafted BGP UPDATE message, leading to a Denial of Service. The provided documents identify the affected component and the root cause, but do not...