SUSE CVE-2026-41642

GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. In version 4.3.0, a remote Denial of Service DoS vulnerability exists in GoBGP due to a nil pointer dereference. When a malformed BGP UPDATE message contains an unrecognized Path Attribute marked as...

DEBIAN-CVE-2026-41642

GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. In version 4.3.0, a remote Denial of Service DoS vulnerability exists in GoBGP due to a nil pointer dereference. When a malformed BGP UPDATE message contains an unrecognized Path Attribute marked as...

CVE-2026-42285

GoBGP CVE-2026-42285 causes a panic (nil pointer dereference) in AdjRib.Update when a remote unauthenticated BGP UPDATE message with inconsistent/short attribute lengths is processed as a withdraw, crashing the GoBGP process and causing DoS. The issue is triggered in version 4.4.0 and has a fix i...

DEBIAN-CVE-2023-47235

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw outcome...

PT-2023-18423 · Snap One · Snap One Wattbox Wb-300-Ip-3

Name of the Vulnerable Software and Affected Versions: Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior Description: The issue concerns a proprietary local area network LAN protocol used by the device that does not verify updates. This allows an attacker to upload a malformed update file...

Junos OS: rpd daemon cores due to malformed BGP UPDATE packet

Junos OS may be impacted by the receipt of a malformed BGP UPDATE which can lead to a routing process daemon rpd crash and restart. Receipt of a repeated malformed BGP UPDATEs can result in an extended denial of service condition for the device. This malformed BGP UPDATE does not propagate to oth...