838 matches found
CVE-2024-55553
A security issue was discovered in FRRouting FRR. It is possible for an attacker to send excessive Resource Public Key Infrastructure RPKI updates, triggering FRR to re-validate all routes in the routing information base each time. This can cause high CPU and network bandwidth consumption,...
CVE-2024-55553
In FRRouting FRR before 10.3 from 6.0 onward, all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size, default 4K on most OSes. An attacker can use this to trigger re-parsing of the RIB for FRR routers using RTR by causing more than th...
AZL-55115 CVE-2024-55553 affecting package frr for versions less than 8.5.5-3
In FRRouting FRR before 10.3 from 6.0 onward, all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size, default 4K on most OSes. An attacker can use this to trigger re-parsing of the RIB for FRR routers using RTR by causing more than th...
CVE-2024-55553
In FRRouting FRR before 10.3 from 6.0 onward, all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size, default 4K on most OSes. An attacker can use this to trigger re-parsing of the RIB for FRR routers using RTR by causing more than th...
UBUNTU-CVE-2024-55553
In FRRouting FRR before 10.3 from 6.0 onward, all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size, default 4K on most OSes. An attacker can use this to trigger re-parsing of the RIB for FRR routers using RTR by causing more than th...
FRRouting security vulnerability
FRRouting is an open source suite of network routing software that runs on Unix-like platforms. A security vulnerability exists in FRRouting versions prior to 10.3, which stems from the fact that an attacker can trigger repeated RIB revalidation by sending approximately 500 RPKI updates...
CVE-2024-55553
In FRRouting FRR before 10.3 from 6.0 onward, all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size, default 4K on most OSes. An attacker can use this to trigger re-parsing of the RIB for FRR routers using RTR by causing more than th...
CVE-2024-55553
In FRRouting FRR before 10.3 from 6.0 onward, all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size, default 4K on most OSes. An attacker can use this to trigger re-parsing of the RIB for FRR routers using RTR by causing more than th...
CVE-2024-55553
In FRRouting FRR before 10.3 from 6.0 onward, all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size, default 4K on most OSes. An attacker can use this to trigger re-parsing of the RIB for FRR routers using RTR by causing more than th...
PT-2025-1316
Name of the Vulnerable Software and Affected Versions: FRRouting versions 6.0 through 10.2.1; FRRouting versions prior to 10.3. Description: The issue is related to the re-validation of routes in FRRouting. An attacker can trigger re-parsing of the RIB for FRR routers using RTR by causing more than t...
CVE-2024-55553
FRR vulnerability CVE-2024-55553 affects FRR prior to 10.3 (from 6.0 onward): when the total size of updates via RTR exceeds the internal socket buffer (default 4 KB), all routes are re-validated, enabling an attacker to trigger re-parsing of the RIB by sending more updates than the buffer in an ...
ROS-20241001-04
Vulnerability of the bgpattrencap function in the bgpd/bgpattr.c file of the software tool for implementing network routing on Unix-like systems FRRouting is related to the lack of verification of actual remaining routing on Unix-like systems FRRouting is related to the lack of checking the actua...
FreeBSD : frr - BGP (802961eb-7a89-11ef-bdd7-a0423f48a938)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 802961eb-7a89-11ef-bdd7-a0423f48a938 advisory. [email protected] reports: An issue was discovered in FRRouting FRR. bgpattrencap in bgpd/bgpattr.c does no...
SUSE CVE-2017-15865
bgpd in FRRouting FRR before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes...
[SECURITY] Fedora 39 Update: frr-8.5.5-2.fc39
FRRouting is free software that manages TCP/IP based routing protocols. It takes a multi-server and multi-threaded approach to resolve the current complexity of the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga...
[SECURITY] Fedora 40 Update: frr-9.1.1-2.fc40
FRRouting is free software that manages TCP/IP based routing protocols. It takes a multi-server and multi-threaded approach to resolve the current complexity of the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga...
USN-7016-1: FRR vulnerability
Iggy Frankovic discovered that FRR incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service...
The vulnerability of the get_edge() function in the ospf_te.c file of the OSPF Daemon component of the FRRouting software for Unix-like systems allows an attacker to cause a service failure.
The vulnerability of the getedge function in the ospfte.c file of the OSPF Daemon component, a networking routing implementation software for Unix-like systems, is related to resource release errors. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability of the software for implementing network routing on Unix-like systems is related to improper validation of the specified data type. This allows a malicious actor to cause service failures.
The vulnerability of the FRRouting software implementation for Unix-like systems is related to improper validation of the specified data type. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
ROS-20240905-01
Vulnerability of the bgpattrencap function in the bgpd/bgpattr.c file of the software tool for implementing network routing on Unix-like systems FRRouting is related to the lack of verification of actual remaining routing on Unix-like systems FRRouting is related to the lack of checking the actua...