UBUNTU-CVE-2026-37459

An integer underflow in FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

ROS-20260417-73-0003

Vulnerability in frr related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260417-73-0005

Vulnerability in frr related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260417-73-0007

Vulnerability in frr related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260417-73-0002

Vulnerability in frr related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260417-73-0008

Vulnerability in frr related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

USN-8175-1 frr vulnerability

It was discovered that FRR did not correctly handle certain network requests. A remote attacker could possibly use this issue to gain unauthorized access to resources...

USN-8175-1: FRR vulnerability

It was discovered that FRR did not correctly handle certain network requests. A remote attacker could possibly use this issue to gain unauthorized access to resources...

USN-8046-1: FRR vulnerabilities

It was discovered that FRR incorrectly handled certain malformed OSPF and update packets. A remote attacker could possibly use these issues to cause FRR to crash, resulting in a denial of service...

MiracleLinux 9 : frr-8.3.1-5.el9.2.ML.1 (AXSA:2023-6435:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6435:05 advisory. frr: Incorrect handling of a error in parsing of an invalid section of a BGP update can de-peer a router CVE-2023-38802 Tenable has extracted the preceding...

CVE-2025-61106

A flaw was found in frr. When the OSPF daemon ospfd is configured with the debug command "debug ospf packet all send/recv detail", it attempts to print detailed information about OSPF packets. However, a specially crafted OSPF packet can trigger a NULL pointer dereference in the...

CVE-2025-61103

A flaw was found in frr. When the OSPF daemon ospfd is configured with the debug command "debug ospf packet all send/recv detail", it attempts to print detailed information about OSPF packets. However, a specially crafted OSPF packet can trigger a NULL pointer dereference in the...

CVE-2025-61099

FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaqueinfodetail function at ospfopaque.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted LS Update packet...

In FRRouting (FRR) through 9.1 there can be a buffer overflow and daemon crash in ospf_te_parse_ri for OSPF LSA packets during an attempt to read Segment Routing subTLVs (their size is not validated).

...

USN-6679-1 frr vulnerability

It was discovered that FRR incorrectly handled certain malformed OSPF LSA packets. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service...

USN-6436-1 frr vulnerabilities

It was discovered that the FRR did not properly check the attribute length in NRLI. A remote attacker could possibly use this issue to cause a denial of service. CVE-2023-41358 It was discovered that the FRR did not properly manage memory when reading initial bytes of ORF header. A remote attacke...

SUSE CVE-2017-5495

All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an unbounded memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of Quagga daemons, or even the entire host. When Quagga daemons are configured with their telnet CLI enabled, anyone who can connect to the TCP port...

CVE-2020-12831

CVE-2020-12831 affects FRRouting FRR up to 7.3.1. The issue arises when using the split-config feature: the init script creates an empty config file with world-readable permissions, enabling potential information leakage via tools/frr.in and tools/frrcommon.sh.in. Some sources label this as user ...

CVE-2019-5892

Vulnerability: CVE-2019-5892 affects FRRouting (FRR) bgpd in versions 2.x/3.x before 3.0.4, 4.x before 4.0.1, 5.x before 5.0.2, and 6.x before 6.0.2. Root cause: ENABLE_BGP_VNC handling for Virtual Network Control does not implement RFC 7606, causing BGP UPDATE packets with attribute 255 to be tr...

ALPINE-CVE-2017-5495

All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an unbounded memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of Quagga daemons, or even the entire host. When Quagga daemons are configured with their telnet CLI enabled, anyone who can connect to the TCP port...