122 matches found
CVE-2026-37457
A flaw was found in FRRouting FRR. A remote attacker can exploit an off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function by supplying a specially crafted FlowSpec component. This issue can lead to a Denial of Service DoS. Mitigation Red Hat has investigated whether a...
SUSE CVE-2026-37457
An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...
Linux Distros Unpatched Vulnerability : CVE-2026-37457
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to caus...
CVE-2026-37457
An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...
CVE-2026-37457
An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...
UBUNTU-CVE-2026-37457
An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...
FRRouting 缓冲区错误漏洞
FRRouting is FRRouting open source a network routing software suite that runs on Unix-like platforms. FRRouting suffers from a buffer error vulnerability that stems from the presence of a difference-one out-of-bounds write to the bgpflowspecopdecode function, which could lead to a denial of servi...
CVE-2026-37457
An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...
CVE-2026-37457
An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...
CVE-2026-37457
An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...
CVE-2026-37457
An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...
CVE-2026-37457
FRRouting (FRR) stable/10.0 is affected by CVE-2026-37457 due to an off-by-one out-of-bounds write in bgp_flowspec_op_decode() within bgpd/bgp_flowspec_util.c. Attackers may cause a Denial of Service by supplying a crafted FlowSpec component. The available sources describe the vulnerability clear...
PT-2026-36526
Name of the Vulnerable Software and Affected Versions FRRouting version stable/10.0 Description An off-by-one out-of-bounds write issue exists in the bgp flowspec op decode function located in bgpd/bgp flowspec util.c. This flaw allows attackers to trigger a Denial of Service DoS by providing a...
MiracleLinux 8 : frr-7.5.1-13.el8_9.3.ML.1 (AXSA:2024-7415:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7415:01 advisory. ffr: Flowspec overflow in bgpd/bgpflowspec.c CVE-2023-38406 ffr: Out of bounds read in bgpd/bgplabel.c CVE-2023-38407 frr: crash from specially...
CLSA-2025-1762363302 frr: Fix of 4 CVEs
CVE-2022-36440: fix heap-buffer-overflow in peekforas4capability when reading BGP OPEN extended optional parameters - CVE-2023-31490: fix insufficient stream data validation in BGP prefix SID attributes processing - CVE-2023-38407: fix out-of-bounds read in BGP labeled unicast parsing -...
CLSA-2025-1762181946 frr: Fix of CVE-2023-38406
CVE-2023-38406: fix BGP Flowspec NLRI overflow vulnerability where zero-length packets could cause packet processing errors...
EUVD-2014-6270
Malware in sbrugna...
EUVD-2020-12481
Malware in sbrugna...
EUVD-2019-0810
Malware in sbrugna...
EUVD-2021-18277
Malware in sbrugna...