
29 matches found

RedHat Linux
added 2026/06/08 11:5 a.m. | 12 views

Important: Red Hat Security Advisory: frr10 security update

An update for frr10 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 7.5 | AI score 5.3 | EPSS 0.00263
Exploits: 0 | References: 3

NVD
added 2026/06/03 2:16 p.m. | 12 views

CVE-2026-37460

Missing input validation in the rfapiRibBi2Ri function rfapirib.c of FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message...

CVSS 7.5 | EPSS 0.00335
Exploits: 0 | References: 3

Vulnrichment
added 2026/05/04 12:0 a.m. | 4 views

CVE-2026-37461

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message...

AI score 5.8 | EPSS 0.00335
Exploits: 0 | References: 3

RedhatCVE
added 2025/05/21 7:38 p.m. | 9 views

CVE-2008-2169

Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372...

CVSS 7.8 | AI score 6.6 | EPSS 0.03849
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/21 7:38 p.m. | 10 views

CVE-2008-2170

Unspecified vulnerability in Century routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372...

CVSS 7.8 | AI score 6.6 | EPSS 0.03849
Exploits: 0 | References: 1

Oracle linux
added 2024/05/23 12:0 a.m. | 41 views

frr security update

7.5.1-22.0.1 - Fix POSTIN scriptlet Orabug: 34712485 - Resolves: RHEL-15916 - Flowspec overflow in bgpd/bgp_flowspec.c - Resolves: RHEL-15919 - Out of bounds read in bgpd/bgp_label.c - Resolves: RHEL-15869 - crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message - Resolves:...

CVSS 7.5 | AI score 7.2 | EPSS 0.02152
Exploits: 1

Prion
added 2023/11/21 6:15 a.m. | 34 views

Code injection

The BGP daemon (bgpd) in IP Infusion ZebOS through 7.10.6 allows remote attackers to cause a denial of service by sending crafted BGP update messages containing a malformed attribute...

CVSS 5 | AI score 7.2 | EPSS 0.01425
Exploits: 1 | References: 4 | Affected Software: 6

Cvelist
added 2023/11/21 12:0 a.m. | 32 views

CVE-2023-45886

The BGP daemon (bgpd) in IP Infusion ZebOS through 7.10.6 allows remote attackers to cause a denial of service by sending crafted BGP update messages containing a malformed attribute...

AI score 7.6 | EPSS 0.01425
Exploits: 1 | References: 4

CVE
added 2023/11/21 12:0 a.m. | 98 views

CVE-2023-45886

The CVE-2023-45886 issue affects the BGP daemon (bgpd) in IP Infusion ZebOS up to version 7.10.6. It allows remote attackers to cause a DoS by sending crafted BGP UPDATE messages with a malformed attribute. Public sources (Red Hat advisory, CERT VU, and F5/K000137315) corroborate the vulnerabilit...

CVSS 7.5 | AI score 7.4 | EPSS 0.01425
Exploits: 1 | References: 4 | Affected Software: 1

Tenable Nessus
added 2023/11/14 12:0 a.m. | 25 views

Fedora 37 : frr (2023-ce436d56f8)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ce436d56f8 advisory. New version 8.5.3. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

CVSS 9.1 | AI score 7 | EPSS 0.02152
Exploits: 3 | References: 8

Veracode
added 2023/11/06 10:50 a.m. | 26 views

Denial Of Service (DoS)

libfrr.so is vulnerable to a Denial of Service attack. The vulnerability arises due to a lack of validation in the bgp_attr_check method. An attacker can cause a crash by sending a crafted BGP UPDATE message...

CVSS 7.5 | AI score 6.9 | EPSS 0.00911
Exploits: 0 | References: 3 | Affected Software: 2

UbuntuCve
added 2023/11/03 9:15 p.m. | 29 views

CVE-2023-47234

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes...

CVSS 7.5 | AI score 7.1 | EPSS 0.00911
Exploits: 0 | References: 3

Vulnrichment
added 2023/08/31 11:46 p.m. | 20 views

CVE-2023-4481 Junos OS and Junos OS Evolved: A crafted BGP UPDATE message allows a remote attacker to de-peer (reset) BGP sessions (CVE-2023-4481)

An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When certain specific crafted BGP UPDATE messages are received over an established BG...

CVSS 7.5 | AI score 6.9 | EPSS 0.15143
Exploits: 0 | References: 4

Cvelist
added 2023/08/29 12:0 a.m. | 18 views

CVE-2023-38802

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation)...

AI score 7.5 | EPSS 0.01437
Exploits: 1 | References: 7

UbuntuCve
added 2023/05/03 12:16 p.m. | 26 views

CVE-2022-40302

An issue was discovered in bgpd in FRRouting FRR through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent...

CVSS 6.5 | AI score 6.8 | EPSS 0.01983
Exploits: 0 | References: 1

Tenable Nessus
added 2022/10/18 12:0 a.m. | 30 views

Ubuntu 22.04 LTS : FRR vulnerabilities (USN-5685-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5685-1 advisory. It was discovered that FRR incorrectly handled parsing certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash,...

CVSS 9.1 | AI score 8.3 | EPSS 0.01923
Exploits: 2 | References: 3

RedhatCVE
added 2022/08/16 9:38 a.m. | 102 views

CVE-2022-37035

A flaw was found in bgpd in FRRouting FRR. There is a possible use-after-free issue due to a race condition in bgp_notify_send_with_data and bgp_process_packet in bgp_packet.c. This issue can lead to remote code execution or information disclosure by sending crafted BGP packets...

CVSS 8.1 | AI score 2.2 | EPSS 0.01923
Exploits: 1 | References: 3

Prion
added 2021/02/24 8:15 p.m. | 17 views

Race condition

A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This...

CVSS 7.1 | AI score 7.4 | EPSS 0.01476
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2021/02/24 7:30 p.m. | 23 views

CVE-2021-1230 Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability

A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This...

CVSS 8.6 | AI score 8.6 | EPSS 0.01476
Exploits: 0 | References: 1

ATTACKERKB
added 2018/07/11 6:29 p.m. | 2 views

Junos OS: RPD daemon crashes due to receipt of crafted BGP NOTIFICATION messages

Junos OS routing protocol daemon (RPD) process may crash and restart or may lead to remote code execution while processing specific BGP NOTIFICATION messages. By continuously sending crafted BGP NOTIFICATION messages, an attacker can repeatedly crash the RPD process causing a sustained Denial of...

CVSS 9.8 | AI score 6.5 | EPSS 0.03769
Exploits: 0 | References: 3 | Affected Software: 1