
94 matches found

OSV
added 2026/06/11 12:3 p.m. | 6 views

RLSA-2026:24371 Important: frr security update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: denial of service via crafted FlowSpec component (CVE-2026-37457). For more details about the security issues, including the...

7.5 CVSS | 5.5 AI score | 0.00389 EPSS
Exploits: 0 | References: 2
RedHat Linux
added 2026/06/08 11:5 a.m. | 8 views

frr: denial of service via crafted FlowSpec component

A flaw was found in FRRouting (FRR). A remote attacker can exploit an off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode function by supplying a specially crafted FlowSpec component. This issue can lead to a Denial of Service (DoS)...

7.5 CVSS | 5.4 AI score | 0.00389 EPSS
Exploits: 0 | References: 5
Tenable Nessus
added 2026/06/08 12:0 a.m. | 11 views

RHEL 10 : frr (RHSA-2026:24347)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24347 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR...

7.5 CVSS | 5.6 AI score | 0.00389 EPSS
Exploits: 0 | References: 7
SUSE Linux
added 2026/05/29 3:36 p.m. | 14 views

Security update for frr

This update for frr fixes the following issues: CVE-2025-61099: NULL Pointer Dereference in FRRouting (bsc#1252838). CVE-2025-61100: NULL Pointer Dereference in FRRouting (bsc#1252829). CVE-2025-61101: NULL Pointer Dereference in FRRouting (bsc#1252833). CVE-2025-61102: NULL Pointer Dereference in FRRouti...

8.2 CVSS | 5.8 AI score | 0.00582 EPSS
Exploits: 9 | References: 40
RedhatCVE
added 2026/05/08 2:14 p.m. | 10 views

CVE-2026-37459

A flaw was found in FRRouting (FRR). An unauthenticated remote attacker can exploit an integer underflow vulnerability by supplying a specially crafted BGP (Border Gateway Protocol) UPDATE message. This issue can lead to a Denial of Service (DoS). Mitigation: Red Hat has investigated whether a possible...

7.5 CVSS | 5.8 AI score | 0.00371 EPSS
Exploits: 0 | References: 4
OSV
added 2026/05/05 2:33 p.m. | 5 views

OPENSUSE-SU-2026:20682-1 Security update for frr

This update for frr fixes the following issues: Security issues: - CVE-2025-61099: NULL Pointer Dereference in FRRouting (bsc#1252838). - CVE-2025-61100: NULL Pointer Dereference in FRRouting (bsc#1252829). - CVE-2025-61101: NULL Pointer Dereference in FRRouting (bsc#1252833). - CVE-2025-61102: NULL Point...

7.5 CVSS | 5.4 AI score | 0.00582 EPSS
Exploits: 9 | References: 20
SUSE CVE
added 2026/05/05 1:45 a.m. | 9 views

SUSE CVE-2026-37457

An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) stable/10.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted FlowSpec component...

7.5 CVSS | 5.8 AI score | 0.00389 EPSS
Exploits: 0 | References: 10
OSV
added 2026/05/04 4:16 p.m. | 5 views

DEBIAN-CVE-2026-37458

Missing input validation in the MP_REACH_NLRI component of FRRouting (FRR) stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE message...

6.5 CVSS | 5.8 AI score | 0.00249 EPSS
Exploits: 0 | References: 1
Debian CVE
added 2026/05/04 12:0 a.m. | 7 views

CVE-2026-37458

Missing input validation in the MP_REACH_NLRI component of FRRouting (FRR) stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE message...

6.5 CVSS | 5.8 AI score | 0.00249 EPSS
Exploits: 0
Cvelist
added 2026/05/04 12:0 a.m. | 31 views

CVE-2026-37458

Missing input validation in the MP_REACH_NLRI component of FRRouting (FRR) stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE message...

0.00249 EPSS
Exploits: 0 | References: 2
Tenable Nessus
added 2026/05/02 12:0 a.m. | 14 views

Linux Distros Unpatched Vulnerability : CVE-2026-28532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a uint16_t...

6.5 CVSS | 5.5 AI score | 0.00225 EPSS
Exploits: 0 | References: 4
NVD
added 2026/05/01 6:16 p.m. | 10 views

CVE-2026-37457

An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) stable/10.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted FlowSpec component...

7.5 CVSS | 0.00389 EPSS
Exploits: 0 | References: 8
CVE
added 2026/04/30 8:17 p.m. | 21 views

CVE-2026-28532

FRRouting before 10.5.3 is affected by an integer overflow in seven OSPF Traffic Engineering and Segment Routing TLV parser functions. A uint16_t accumulator truncates uint32_t values returned by TLV_SIZE(), causing the loop termination condition to fail while pointer advancement continues. An at...

6.5 CVSS | 5.3 AI score | 0.00225 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
SUSE CVE
added 2026/03/31 8:37 a.m. | 4 views

SUSE CVE-2026-5107

A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/bgp_evpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The attack is considered to ha...

4.2 CVSS | 5.3 AI score | 0.00279 EPSS
Exploits: 0 | References: 9
NVD
added 2026/03/30 6:16 a.m. | 5 views

CVE-2026-5107

A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/bgp_evpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The attack is considered to ha...

4.2 CVSS | 0.00279 EPSS
Exploits: 0 | References: 6
SUSE Linux
added 2026/03/26 8:58 a.m. | 4 views

Security update for frr

This update for frr fixes the following issues: CVE-2025-61099: NULL Pointer Dereference in FRRouting (bsc#1252838). CVE-2025-61100: NULL Pointer Dereference in FRRouting (bsc#1252829). CVE-2025-61101: NULL Pointer Dereference in FRRouting (bsc#1252833). CVE-2025-61102: NULL Pointer Dereference in FRRouti...

8.2 CVSS | 5.8 AI score | 0.00582 EPSS
Exploits: 9 | References: 36
Tenable Nessus
added 2026/01/20 12:0 a.m. | 4 views

MiracleLinux 9 : frr-8.3.1-11.el9.ML.1 (AXSA:2023-6853:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6853:07 advisory. frr: Reachable assertion in peek_for_as4_capability function (CVE-2022-36440). frr: denial of service by crafting a BGP OPEN message with an option of typ...

7.5 CVSS | 5.6 AI score | 0.02107 EPSS
Exploits: 1 | References: 5
Tenable Nessus
added 2026/01/09 12:0 a.m. | 7 views

Siemens Ruggedcom ROX Out-of-bounds Read (CVE-2022-37032)

An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

9.1 CVSS | 7.9 AI score | 0.01578 EPSS
Exploits: 1 | References: 3
Microsoft CVE
added 2025/10/31 8:11 a.m. | 7 views

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_link_info function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.

...

7.5 CVSS | 7 AI score | 0.00457 EPSS
Exploits: 1
SUSE CVE
added 2025/10/30 12:23 a.m. | 6 views

SUSE CVE-2025-61102

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_adj_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet...

5.9 CVSS | 7.1 AI score | 0.00457 EPSS
Exploits: 1 | References: 8