620 matches found
EUVD-2026-42702
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker sending a specific BGP update over an established BGP session to cause a Denial-of-Service DoS...
CVE-2026-33801
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker sending a specific BGP update over an established BGP session to cause a Denial-of-Service DoS...
CVE-2026-33801
CVE-2026-33801 affects Juniper Networks Junos OS and Junos OS Evolved. An adjacent, unauthenticated attacker can trigger a Denial-of-Service by sending a specifically malformed non-inet/inet6 unicast BGP update over an established BGP session, causing the Routing Protocol Daemon (RPD) to crash an...
Juniper Junos OS Vulnerability (JSA110076)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA110076 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an...
CVE-2026-49943
A flaw was found in the BIRD Internet Routing Daemon. An established BGP Border Gateway Protocol peer can send a specially crafted BGP UPDATE message containing an unusually long ASPATH Autonomous System Path attribute. When a BIRD filter evaluates an AS path mask expression, this can lead to a...
[SECURITY] Fedora 44 Update: bird-3.3.1-1.fc44
BIRD is a dynamic IP routing daemon supporting both, IPv4 and IPv6, Border Gateway Protocol BGPv4, Routing Information Protocol RIPv2, RIPng, Open Shortest Path First protocol OSPFv2, OSPFv3, Babel Routing Protocol Babel, Bidirectional Forwarding Detection BFD, IPv6 router advertisements, static...
[SECURITY] Fedora 43 Update: bird-3.3.1-1.fc43
BIRD is a dynamic IP routing daemon supporting both, IPv4 and IPv6, Border Gateway Protocol BGPv4, Routing Information Protocol RIPv2, RIPng, Open Shortest Path First protocol OSPFv2, OSPFv3, Babel Routing Protocol Babel, Bidirectional Forwarding Detection BFD, IPv6 router advertisements, static...
USN-8429-1 fastnetmon vulnerabilities
It was discovered that FastNetMon incorrectly validated prefix lengths when decoding BGP NLRI data. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 26.04 LTS. CVE-2026-48686 It was...
RLSA-2026:24370 Important: frr10 security update
FRRouting is free software that manages TCP/IP based routing protocols. It takes a multi-server and multi-threaded approach to resolve the current complexity of the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga...
RockyLinux 9 : frr10 (RLSA-2026:24370)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:24370 advisory. frr: denial of service via crafted FlowSpec component CVE-2026-37457 frr: denial of service via crafted BGP UPDATE message CVE-2026-37459 Tenable has...
frr: denial of service via crafted BGP UPDATE message
A flaw was found in FRRouting FRR. An unauthenticated remote attacker can exploit an integer underflow vulnerability by supplying a specially crafted BGP Border Gateway Protocol UPDATE message. This issue can lead to a Denial of Service DoS...
Important: Red Hat Security Advisory: frr security update
An update for frr is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
frr: denial of service via crafted BGP UPDATE message
A flaw was found in FRRouting FRR. An unauthenticated remote attacker can exploit an integer underflow vulnerability by supplying a specially crafted BGP Border Gateway Protocol UPDATE message. This issue can lead to a Denial of Service DoS...
CVE-2026-20171
A vulnerability in the Border Gateway Protocol BGP enforce-first-as feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to trigger BGP peer flaps, resulting in a denial of service DoS condition...
CVE-2026-41642
A flaw was found in GoBGP 4.3.0. A malformed BGP UPDATE with an unrecognized Path Attribute marked as well-known is not rejected cleanly, triggering a nil pointer dereference that crashes the GoBGP daemon. Fixed in GoBGP 4.4.0. Mitigation Upgrade to GoBGP 4.4.0 or later...
CVE-2026-41643
GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. Prior to version 4.3.0, a remote Denial of Service DoS vulnerability exists in GoBGP where a malformed BGP UPDATE message can trigger a runtime error: index out of range panic. This occurs during th...
SUSE CVE-2026-37462
An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : FRR vulnerabilities (USN-8376-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8376-1 advisory. It was discovered that FRR incorrectly handled certain OSPF Traffic Engineering and Segment Routing TLVs. An attacker cou...
Integer Underflow (Wrap or Wraparound)
Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound in the DecodeFromBytes function. An attacker can trigger a nil pointer dereference and panic by supplying a malicious BGP UPDATE message with a declared section length shorter than the actual data...
DEBIAN-CVE-2026-37460
Missing input validation in the rfapiRibBi2Ri function rfapirib.c of FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...