Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.10 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : FRR vulnerabilities (USN-8376-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8376-1 advisory. It was discovered that FRR incorrectly handled certain OSPF Traffic Engineering and Segment Routing TLVs. An attacker cou...

7.5CVSS5.7AI score0.00389EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.15 views

PT-2026-43275

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.2.10 Description Multiple out-of-bounds reads exist in the BGP MP REACH NLRI IPv6 attribute decoder. The decode mp reach ipv6 function in src/bgp protocol.cpp casts raw pointers to structure typ...

7.5CVSS5.9AI score0.00283EPSS
Exploits0References6
OSV
OSV
added 2026/05/04 4:16 p.m.5 views

UBUNTU-CVE-2026-37458

Missing input validation in the MPREACHNLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service DoS via supplying a crafted UPDATE message...

6.5CVSS5.8AI score0.00249EPSS
Exploits0References3
OSV
OSV
added 2025/11/06 9:19 a.m.6 views

CLSA-2025-1762420748 frr: Fix of 4 CVEs

CVE-2023-41358: fix crash when processing NLRIs with zero attribute length - CVE-2023-47235: fix EOR handling to avoid unwanted processing of malformed attributes - CVE-2023-46753: fix mandatory attributes check for UPDATE messages with unknown transit attributes - CVE-2023-47234: fix handling...

7.5CVSS7.3AI score0.01058EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/04/30 10:28 a.m.4 views

frr: processes invalid NLRIs if attribute length is zero

A flaw was found in FRRouting, where it is susceptible to a denial of service vulnerability triggered by a NULL pointer dereference issue during the processing of Network Layer Reachability Information NLRIs with a zero attribute length. The vulnerability arises from inadequate validation of...

7.5CVSS5.7AI score0.01058EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2023/11/07 8:0 a.m.5 views

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory path attributes).

...

7.5CVSS7.7AI score0.00911EPSS
Exploits0
OSV
OSV
added 2023/11/06 6:15 a.m.5 views

UBUNTU-CVE-2023-38406

bgpd/bgpflowspec.c in FRRouting FRR before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."...

9.8CVSS7.2AI score0.00939EPSS
Exploits0References5
OSV
OSV
added 2023/11/03 9:15 p.m.9 views

AZL-34690 CVE-2023-47234 affecting package frr for versions less than 9.1-2

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MPUNREACHNLRI attribute and additional NLRI data that lacks mandatory path attributes...

7.5CVSS7.2AI score0.00911EPSS
Exploits0References1
OSV
OSV
added 2023/08/29 4:15 a.m.1 views

DEBIAN-CVE-2023-41358

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero...

7.5CVSS7.6AI score0.01058EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2019/10/03 3:49 p.m.2 views

CVE-2018-16230

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpattrprint MPREACHNLRI...

7.1AI score0.03891EPSS
Exploits0References16
Rows per page
Query Builder