838 matches found

Cvelist
added 2023/05/03 12:0 a.m., 57 views

CVE-2022-40302

An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...

6.8 AI score, 0.01983 EPSS
Exploits 0, References 3

CVE
added 2023/05/03 12:0 a.m., 77 views

CVE-2022-43681

CVE-2022-43681 is an out-of-bounds read vulnerability in the FRRouting (FRR) BGP daemon. The issue occurs when parsing a malformed BGP OPEN message that ends with the option length octet (or extended length), causing the code to read beyond the packet and invoke SIGABRT, triggering a bgpd restart...

6.5 CVSS, 6.8 AI score, 0.02107 EPSS
Exploits 0, References 3, Affected Software 1

CVE
added 2023/05/03 12:0 a.m., 104 views

CVE-2022-40302

CVE-2022-40302 affects FRRouting (FRR) bgpd through 8.4. An attacker can cause a DoS by sending a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072) due to inconsistent boundary checks that read 3 bytes instead of 2 in this case, potentially triggering an assertion failu...

6.5 CVSS, 6.4 AI score, 0.01983 EPSS
Exploits 0, References 3, Affected Software 1

Vulnrichment
added 2023/05/03 12:0 a.m., 11 views

CVE-2022-40302

An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...

6.6 AI score, 0.01983 EPSS
Exploits 0, References 3

Cvelist
added 2023/05/03 12:0 a.m., 25 views

CVE-2022-43681

An out-of-bounds read exists in the BGP daemon of FRRouting (FRR) through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet or the option length word, in case of an extended OPEN message, the FRR code reads out of the bounds of the packet, throwing a SIGABRT...

7.2 AI score, 0.02107 EPSS
Exploits 0, References 3

Debian CVE
added 2023/05/03 12:0 a.m., 53 views

CVE-2022-43681

An out-of-bounds read exists in the BGP daemon of FRRouting (FRR) through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet or the option length word, in case of an extended OPEN message, the FRR code reads out of the bounds of the packet, throwing a SIGABRT...

6.5 CVSS, 6.7 AI score, 0.02107 EPSS
Exploits 0

Debian CVE
added 2023/05/03 12:0 a.m., 31 views

CVE-2022-40318

An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...

6.5 CVSS, 6.6 AI score, 0.01983 EPSS
Exploits 0

The Hacker News
added 2023/05/02 2:26 p.m., 1 views

Researchers Uncover New BGP Flaws in Popular Internet Routing Protocol Software

Cybersecurity researchers have uncovered weaknesses in a software implementation of the Border Gateway Protocol (BGP) that could be weaponized to achieve a denial-of-service (DoS) condition on vulnerable BGP peers. The three vulnerabilities reside in version 8.4 of FRRouting, a popular open source...

6.5 CVSS, 7.2 AI score, 0.02107 EPSS
Exploits 0

The Hacker News
added 2023/05/02 2:26 p.m., 57 views

Researchers Uncover New BGP Flaws in Popular Internet Routing Protocol Software

Cybersecurity researchers have uncovered weaknesses in a software implementation of the Border Gateway Protocol (BGP) that could be weaponized to achieve a denial-of-service (DoS) condition on vulnerable BGP peers. The three vulnerabilities reside in version 8.4 of FRRouting, a popular open source...

7 AI score, 0.02107 EPSS
Exploits 0

OpenVAS
added 2023/04/23 12:0 a.m., 23 views

Fedora: Security Advisory for frr (FEDORA-2023-14ec79ae02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS, 7.1 AI score, 0.01624 EPSS
Exploits 1, References 2

Fedora
added 2023/04/21 2:11 a.m., 21 views

[SECURITY] Fedora 37 Update: frr-8.5-1.fc37

FRRouting is free software that manages TCP/IP based routing protocols. It takes a multi-server and multi-threaded approach to resolve the current complexity of the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga...

7.5 CVSS, 7.6 AI score, 0.01624 EPSS
Exploits 1

Fedora
added 2023/04/21 2:9 a.m., 25 views

[SECURITY] Fedora 38 Update: frr-8.5-1.fc38

FRRouting is free software that manages TCP/IP based routing protocols. It takes a multi-server and multi-threaded approach to resolve the current complexity of the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga...

7.5 CVSS, 7.6 AI score, 0.01624 EPSS
Exploits 1

Tenable Nessus
added 2023/04/21 12:0 a.m., 25 views

Fedora 38 : frr (2023-77d00facd0)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-77d00facd0 advisory. New version 8.5 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

7.5 CVSS, 7.3 AI score, 0.01624 EPSS
Exploits 1, References 2

Tenable Nessus
added 2023/04/21 12:0 a.m., 30 views

Fedora 37 : frr (2023-2cb0f34efe)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-2cb0f34efe advisory. New version 8.5 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

7.5 CVSS, 7.3 AI score, 0.01624 EPSS
Exploits 1, References 2

RedhatCVE
added 2023/04/04 7:43 p.m., 38 views

CVE-2022-36440

A reachable assertion flaw was found in Frrouting frr-bgpd in the peek_for_as4_capability function. This flaw allows an attacker to maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in a denial of service...

7.5 CVSS, 7 AI score, 0.01624 EPSS
Exploits 1, References 3

ATTACKERKB
added 2023/04/03 4:15 p.m., 3 views

CVE-2022-36440

A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peek_for_as4_capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS...

7.5 CVSS, 7.1 AI score, 0.01624 EPSS
Exploits 1, References 11

NVD
added 2023/04/03 4:15 p.m., 16 views

CVE-2022-36440

A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peek_for_as4_capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS...

7.5 CVSS, 7.5 AI score, 0.01624 EPSS
Exploits 1, References 7

OSV
added 2023/04/03 4:15 p.m., 22 views

CVE-2022-36440

A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peek_for_as4_capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS...

7.5 CVSS, 7.6 AI score
Exploits 0, References 7

Prion
added 2023/04/03 4:15 p.m., 18 views

Authentication flaw

A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peek_for_as4_capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS...

5 CVSS, 7.2 AI score, 0.01624 EPSS
Exploits 1, References 7, Affected Software 3

UbuntuCve
added 2023/04/03 4:15 p.m., 32 views

CVE-2022-36440

A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peek_for_as4_capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS...

7.5 CVSS, 7 AI score, 0.01624 EPSS
Exploits 1, References 2