Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : FRR vulnerabilities (USN-8376-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8376-1 advisory. It was discovered that FRR incorrectly handled certain OSPF Traffic Engineering and Segment Routing TLVs. An attacker cou...

PT-2026-43275

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.2.10 Description Multiple out-of-bounds reads exist in the BGP MP REACH NLRI IPv6 attribute decoder. The decode mp reach ipv6 function in src/bgp protocol.cpp casts raw pointers to structure typ...

UBUNTU-CVE-2026-37458

Missing input validation in the MPREACHNLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service DoS via supplying a crafted UPDATE message...

CLSA-2025-1762420748 frr: Fix of 4 CVEs

CVE-2023-41358: fix crash when processing NLRIs with zero attribute length - CVE-2023-47235: fix EOR handling to avoid unwanted processing of malformed attributes - CVE-2023-46753: fix mandatory attributes check for UPDATE messages with unknown transit attributes - CVE-2023-47234: fix handling...

frr: processes invalid NLRIs if attribute length is zero

A flaw was found in FRRouting, where it is susceptible to a denial of service vulnerability triggered by a NULL pointer dereference issue during the processing of Network Layer Reachability Information NLRIs with a zero attribute length. The vulnerability arises from inadequate validation of...

frr: mishandled malformed data leading to a crash

A data mishandling vulnerability was found in FRRouting. A malformed MPREACHNLRI data can lead to a crash, resulting in a denial of service...

frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message

A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MPUNREACHNLRI attribute and additional NLRI data that lacks mandatory path attributes...

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory path attributes).

...

UBUNTU-CVE-2023-38406

bgpd/bgpflowspec.c in FRRouting FRR before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."...

AZL-34690 CVE-2023-47234 affecting package frr for versions less than 9.1-2

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MPUNREACHNLRI attribute and additional NLRI data that lacks mandatory path attributes...

DEBIAN-CVE-2023-41358

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero...

CVE-2018-16230

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpattrprint MPREACHNLRI...

CVE-2019-15135

The handshake protocol in Object Management Group OMG DDS Security 1.1 sends cleartext information about all of the capabilities of a participant including capabilities inapplicable to the current session, which makes it easier for attackers to discover potentially sensitive reachability...

CVE-2019-15135

The handshake protocol in Object Management Group OMG DDS Security 1.1 sends cleartext information about all of the capabilities of a participant including capabilities inapplicable to the current session, which makes it easier for attackers to discover potentially sensitive reachability...

Design/Logic Flaw

The handshake protocol in Object Management Group OMG DDS Security 1.1 sends cleartext information about all of the capabilities of a participant including capabilities inapplicable to the current session, which makes it easier for attackers to discover potentially sensitive reachability...

Cisco IOS BGP Attribute Corruption Vulnerability - Cisco Systems

A Border Gateway Protocol BGP UPDATE contains Network Layer Reachability Information NLRI and attributes that describe the path to the destination. An unrecognized transitive attribute can cause failures in Cisco IOS routers, ranging from a crash upon receipt of the unrecognized transitive...