CLSA-2026-1777946639 quagga: Fix of CVE-2018-5381

CVE-2018-5381: bgpd capability parser can enter an infinite loop on invalid OPEN messages whose Multi-Protocol capability has an unrecognized AFI/SAFI, causing a denial of service...

CVE-2026-5122

A flaw was found in osrg GoBGP. A remote attacker could exploit a vulnerability in the BGP OPEN Message Handler by manipulating the domainNameLen argument within the DecodeFromBytes function. This could lead to improper access controls, potentially allowing unauthorized access or modification of...

Linux Distros Unpatched Vulnerability : CVE-2026-5122

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security flaw has been discovered in osrg GoBGP up to 4.3.0. This affects the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP...

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the CapFQDN.DecodeFromBytes function of the BGP OPEN Message Handler. An attacker can bypass intended access controls by manipulating the domainNameLen argument remotely, potentially resulting in...

EUVD-2026-17091

A security flaw has been discovered in osrg GoBGP up to 4.3.0. This affects the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP OPEN Message Handler. Performing a manipulation of the argument domainNameLen results in improper access controls. The attack may be...

CVE-2026-5122

The CVE affects osrg GoBGP ≤ 4.3.0, specifically the BGP OPEN Message Handler in pkg/packet/bgp/bgp.go DecodeFromBytes. Manipulating the domainNameLen argument results in improper access controls, potentially enabling remote exploitation. The attack is described with a high complexity requirement...

CVE-2026-5122 osrg GoBGP BGP OPEN Message bgp.go DecodeFromBytes access control

A security flaw has been discovered in osrg GoBGP up to 4.3.0. This affects the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP OPEN Message Handler. Performing a manipulation of the argument domainNameLen results in improper access controls. The attack may be...

CVE-2026-5122 osrg GoBGP BGP OPEN Message bgp.go DecodeFromBytes access control

A security flaw has been discovered in osrg GoBGP up to 4.3.0. This affects the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP OPEN Message Handler. Performing a manipulation of the argument domainNameLen results in improper access controls. The attack may be...

CVE-2026-22886

OpenMQ exposes a TCP-based management service imqbrokerd that by default requires authentication. However, the product ships with a default administrative account admin/ admin and does not enforce a mandatory password change on first use. After the first successful login, the server continues to...

PT-2026-29028

Name of the Vulnerable Software and Affected Versions osrg GoBGP versions through 4.3.0 Description A security issue exists in osrg GoBGP up to version 4.3.0. The issue resides in the DecodeFromBytes function within the pkg/packet/bgp/bgp.go file, specifically in the BGP OPEN Message Handler...

An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.

...

frr: out-of-bounds read exists in the BGP daemon of FRRouting

An out-of-bounds read flaw exists in the BGP daemon of FRRouting. When sending a malformed BGP OPEN message that ends with the option length octet or the option length word, in case of an extended OPEN message, the FRR code reads out of the bounds of the packet, throwing a SIGABRT signal and...

Moderate: Red Hat Security Advisory: frr security and bug fix update

An update for frr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

frr: denial of service by crafting a BGP OPEN message with an option of type 0xff

A vulnerability was found in FRRouting. The issue occurs in bgpd in FRRouting FRR. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart or out-of-bounds read. This flaw is possible du...

Denial Of Service

libfrr.so is vulnerable to Denial Of Service attack. This is possible because of an inconsistent boundary check. Attackers can cause an out of bound read by BGP OPEN message with an option of type 0xff...

Denial Of Service

libfrr.so is vulnerable to Denial of Service attack. When sending a malformed BGP OPEN message that ends with optional length octet, an out of bounds read can occur which throws an error. This results into an application crash leading to DoS attack...

Denial Of Service (DoS)

frr is vulnerable to Denial of Service DoS attacks. By crafting a BGP OPEN message with an option of type 0xff, an attacker is able to cause a denial of service conditions due to inconsistent boundary checks that do not account for reading 3 bytes instead of 2 in this 0xff case...

SUSE CVE-2022-40302

An issue was discovered in bgpd in FRRouting FRR through 8.4. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...

DEBIAN-CVE-2022-43681

An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet or the option length word, in case of an extended OPEN message, the FRR code reads of out of the bounds of the packet, throwing a SIGABRT...

CVE-2022-43681

An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet or the option length word, in case of an extended OPEN message, the FRR code reads of out of the bounds of the packet, throwing a SIGABRT...