
24 matches found

Ubuntu
added 6 days ago, 10 views

USN-8348-1: GoBGP vulnerabilities

It was discovered that GoBGP incorrectly handled certain specially crafted BGP UPDATE messages. A remote attacker could possibly use this issue to cause GoBGP to crash, resulting in a denial of service. (CVE-2026-37461) Yanlei Wang discovered that GoBGP incorrectly handled certain malformed BGP...

CVSS 7.5 | AI score 6.5 | EPSS 0.00136
Exploits: 0

OSV
added 6 days ago, 6 views

USN-8348-1 gobgp vulnerabilities

It was discovered that GoBGP incorrectly handled certain specially crafted BGP UPDATE messages. A remote attacker could possibly use this issue to cause GoBGP to crash, resulting in a denial of service. (CVE-2026-37461) Yanlei Wang discovered that GoBGP incorrectly handled certain malformed BGP...

CVSS 7.5 | AI score 5.8 | EPSS 0.00136
Exploits: 0 | References: 7

SUSE CVE
added 2026/05/20 2:32 a.m., 4 views

SUSE CVE-2026-7734

A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefix_sid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...

CVSS 7.5 | AI score 5.5 | EPSS 0.00136
Exploits: 0 | References: 3

OSV
added 2026/05/04 6:32 a.m., 1 view

GHSA-VM3G-8XWV-MXFP GoBGP has an Improper Resource Shutdown or Release

A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefix_sid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...

CVSS 6.9 | AI score 5.5 | EPSS 0.00136
Exploits: 0 | References: 7

NVD
added 2026/05/04 6:16 a.m., 9 views

CVE-2026-7734

A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefix_sid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...

CVSS 7.5 | EPSS 0.00136
Exploits: 0 | References: 6

Vulnrichment
added 2026/05/04 5:00 a.m., 1 view

CVE-2026-7734 osrg GoBGP SRv6 L3 Service prefix_sid.go SRv6L3ServiceAttribute.DecodeFromBytes denial of service

A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefix_sid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...

CVSS 6.9 | AI score 5.6 | EPSS 0.00136
Exploits: 0 | References: 6

EUVD
added 2026/05/04 5:00 a.m., 5 views

EUVD-2026-26914

A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefix_sid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...

CVSS 6.9 | AI score 5.6 | EPSS 0.00136
Exploits: 0 | References: 6

CVE
added 2026/05/04 5:00 a.m., 21 views

CVE-2026-7734

CVE-2026-7734 affects osrg GoBGP up to 4.3.0, specifically the SRv6 L3 Service component’s DecodeFromBytes function in pkg/packet/bgp/prefix_sid.go. The issue allows remote manipulation of input data to trigger a denial of service. A fix is available in GoBGP v4.4.0, with the patch identified...

CVSS 7.5 | AI score 5.6 | EPSS 0.00136
Exploits: 0 | References: 6 | Affected software: 1

Cvelist
added 2026/05/04 5:00 a.m., 30 views

CVE-2026-7734 osrg GoBGP SRv6 L3 Service prefix_sid.go SRv6L3ServiceAttribute.DecodeFromBytes denial of service

A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefix_sid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...

CVSS 6.9 | EPSS 0.00136
Exploits: 0 | References: 6

Tenable Nessus
added 2026/04/05 12:00 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-23442

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: add NULL checks for idev in SRv6 paths in6devget can return NULL when the device has no IPv6 configuration e.g. MTU IPV6MINMTU or after NETDEVUNREGISTER...

CVSS 5.5 | AI score 5.8 | EPSS 0.00027
Exploits: 0 | References: 4

EUVD
added 2025/10/03 8:07 p.m., 4 views

EUVD-2025-2562

Malicious code in bioql PyPI...

CVSS 7.1 | AI score 6.6 | EPSS 0.00093
Exploits: 0 | References: 1

CVE
added 2025/09/17 2:56 p.m., 22 views

CVE-2023-53343

CVE-2023-53343: Linux kernel vulnerability where icmp6_dev() dereferences ip6_null_entry->rt6i_idev, potentially enabling NULL pointer dereference when processing IPv6 Extension Headers (RPL/SRv6). Impact is local (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) with available mitigation by upgrading to ...

CVSS 5.5 | AI score 5.9 | EPSS 0.00021
Exploits: 0 | References: 7 | Affected software: 1

Tenable Nessus
added 2025/03/05 12:00 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2022-48687

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix out-of-bounds read when setting HMAC data. The SRv6 layer allows defining HMA...

CVSS 5.5 | AI score 6.2 | EPSS 0.00013
Exploits: 0 | References: 3

Vulnrichment
added 2025/01/09 4:41 p.m., 30 views

CVE-2025-21593 Junos OS and Junos OS Evolved: On SRv6 enabled devices, an attacker sending a malformed BGP update can cause the rpd to crash

An Improper Control of a Resource Through its Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial-of-Service (DoS). On devices with SRv6 (Segment Routing over IPv6) enabled, an...

CVSS 7.1 | AI score 7.2 | EPSS 0.00093
Exploits: 0 | References: 1

Cvelist
added 2025/01/09 4:41 p.m., 16 views

CVE-2025-21593 Junos OS and Junos OS Evolved: On SRv6 enabled devices, an attacker sending a malformed BGP update can cause the rpd to crash

An Improper Control of a Resource Through its Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial-of-Service (DoS). On devices with SRv6 (Segment Routing over IPv6) enabled, an...

CVSS 7.1 | EPSS 0.00093
Exploits: 0 | References: 1

CVE
added 2025/01/09 4:41 p.m., 55 views

CVE-2025-21593

CVE-2025-21593 is an improper resource lifecycle control vulnerability in Juniper Junos OS and Junos OS Evolved with rpd, exploitable by an unauthenticated network attacker on devices with SRv6 enabled. The attacker can send malformed BGP UPDATE packet...

CVSS 7.1 | AI score 6.6 | EPSS 0.00093
Exploits: 0 | References: 1 | Affected software: 2

UbuntuCve
added 2024/05/03 3:15 p.m., 19 views

CVE-2022-48687

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix out-of-bounds read when setting HMAC data. The SRv6 layer allows defining HMAC data that can later be used to sign IPv6 Segment Routing Headers. This configuration is realised via netlink through four attributes:...

CVSS 5.5 | AI score 6.3 | EPSS 0.00013
Exploits: 0 | References: 8

Vulnrichment
added 2024/05/03 2:59 p.m., 17 views

CVE-2022-48687 ipv6: sr: fix out-of-bounds read when setting HMAC data.

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix out-of-bounds read when setting HMAC data. The SRv6 layer allows defining HMAC data that can later be used to sign IPv6 Segment Routing Headers. This configuration is realised via netlink through four attributes:...

AI score 6.7 | EPSS 0.00013
Exploits: 0 | References: 7

CVE
added 2024/05/03 2:59 p.m., 110 views

CVE-2022-48687

CVE-2022-48687 affects the Linux kernel SRv6 HMAC configuration. The vulnerability stems from the SECRETLEN length being decoupled from SECRET, allowing invalid combinations (e.g., secret="", secretlen=64) that an attacker can craft via netlink to trigger an out-of-bounds read of up to 64 bytes p...

CVSS 5.5 | AI score 6.3 | EPSS 0.00013
Exploits: 0 | References: 7 | Affected software: 1

Cvelist
added 2022/10/18 2:46 a.m., 13 views

CVE-2022-22228 Junos OS: IPv6 OAM SRv6 network-enabled devices are vulnerable to Denial of Service (DoS) due to RPD memory leak upon receipt of a specific IPv6 packet

An Improper Validation of Specified Type of Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS allows an attacker to cause an RPD memory leak leading to a Denial of Service (DoS). This memory leak only occurs when the attacker's packets are destined to any configure...

CVSS 7.5 | AI score 7.6 | EPSS 0.00389
Exploits: 0 | References: 1