Lucene search
K

11 matches found

Veracode
Veracode
added 2024/04/19 10:34 a.m.26 views

Denial Of Service (DoS)

FRRouting/frr is vulnerable to Denial of Service DoS. This vulnerability occurs due to improper handling of the Prefix SID attribute in the bgpattrmalformed function within bgpattr.c, leading to a crash of the bgpd daemon...

6.5CVSS6.3AI score0.00825EPSS
Exploits0References4Affected Software2
RedhatCVE
RedhatCVE
added 2023/11/06 8:27 p.m.79 views

CVE-2023-47235

An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and...

7.5CVSS7.4AI score0.00685EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2023/08/29 12:0 a.m.22 views

CVE-2023-41361

An issue was discovered in FRRouting FRR 9.0. bgpd/bgpopen.c does not check for an overly large length of the rcv software version...

9.8CVSS7.6AI score0.00773EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/05/15 12:0 a.m.26 views

Oracle Linux 9 : frr (ELSA-2023-2202)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-2202 advisory. 8.3.1-5 - Resolves: 2147522 - It is not possible to run FRR as a non-root user 8.3.1-4 - Resolves: 2144500 - AVC error when reloading FRR with provided reload...

9.1CVSS7.8AI score0.01578EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/04/21 12:0 a.m.31 views

Fedora 37 : frr (2023-2cb0f34efe)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-2cb0f34efe advisory. New version 8.5 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

7.5CVSS7.3AI score0.01624EPSS
Exploits1References2
Prion
Prion
added 2023/04/03 4:15 p.m.20 views

Authentication flaw

A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peekforas4capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS...

5CVSS7.2AI score0.01624EPSS
Exploits1References7Affected Software3
UbuntuCve
UbuntuCve
added 2023/04/03 4:15 p.m.39 views

CVE-2022-36440

A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peekforas4capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS...

7.5CVSS7AI score0.01624EPSS
Exploits1References2
OSV
OSV
added 2022/11/15 12:0 a.m.23 views

ALSA-2022:8112 Moderate: frr security, bug fix, and enhancement update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. The following packages have been upgraded to a later upstream version: frr 8.2.2. BZ2069563 Security Fixes: frrouting: overflow bugs in...

7.8CVSS8AI score0.01007EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2022/09/19 10:15 p.m.31 views

CVE-2022-37032

An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgpcapabilitymsgparse in bgpd/bgppacket.c...

9.1CVSS7.1AI score0.01578EPSS
Exploits1References4
CNVD
CNVD
added 2020/05/14 12:0 a.m.11 views

FRRouting FRR Information Disclosure Vulnerability

FRRouting FRR is a set of software that implements and manages various IPV4 and IPV6 routing protocols. A security vulnerability exists in the split-config feature in FRRouting FRR 7.3.1 and prior versions, which stems from the fact that when the split-config feature is used, the init script...

5.3CVSS5.1AI score0.01397EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2019/01/10 5:0 p.m.19 views

CVE-2019-5892

bgpd in FRRouting FRR aka Free Range Routing 2.x and 3.x before 3.0.4, 4.x before 4.0.1, 5.x before 5.0.2, and 6.x before 6.0.2 not affecting Cumulus Linux or VyOS, when ENABLEBGPVNC is used for Virtual Network Control, allows remote attackers to cause a denial of service peering session flap via...

6.5CVSS6.5AI score0.02718EPSS
Exploits0
Rows per page
Query Builder