7 matches found
frr - BGP
[email protected] reports: An issue was discovered in FRRouting FRR. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...
CVE-2023-47235
An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw outcome...
Important: Red Hat Security Advisory: frr security update
An update for frr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
DEBIAN-CVE-2023-31490
An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgpattrpsidsub function...
UBUNTU-CVE-2022-43681
An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet or the option length word, in case of an extended OPEN message, the FRR code reads of out of the bounds of the packet, throwing a SIGABRT...
USN-5685-1: FRR vulnerabilities
It was discovered that FRR incorrectly handled parsing certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. CVE-2022-37032 It was discovered that FRR incorrectly handled processing certain BGP messages. A remote attacker...
CVE-2019-5892
bgpd in FRRouting FRR aka Free Range Routing 2.x and 3.x before 3.0.4, 4.x before 4.0.1, 5.x before 5.0.2, and 6.x before 6.0.2 not affecting Cumulus Linux or VyOS, when ENABLEBGPVNC is used for Virtual Network Control, allows remote attackers to cause a denial of service peering session flap via...