12 matches found
CLSA-2025-1762363302 frr: Fix of 4 CVEs
CVE-2022-36440: fix heap-buffer-overflow in peekforas4capability when reading BGP OPEN extended optional parameters - CVE-2023-31490: fix insufficient stream data validation in BGP prefix SID attributes processing - CVE-2023-38407: fix out-of-bounds read in BGP labeled unicast parsing -...
ffr: Out of bounds read in bgpd/bgp_label.c
An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service...
ffr: Out of bounds read in bgpd/bgp_label.c
An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service...
ffr: Out of bounds read in bgpd/bgp_label.c
An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service...
RHEL 8 : frr (RHSA-2024:1113)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1113 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR,...
ffr: Out of bounds read in bgpd/bgp_label.c
An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service...
ffr: Out of bounds read in bgpd/bgp_label.c
An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service...
DEBIAN-CVE-2023-38407
bgpd/bgplabel.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...
CVE-2023-38407
bgpd/bgplabel.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...
CVE-2023-38407
bgpd/bgplabel.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...
CVE-2023-38407
bgpd/bgplabel.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...
PT-2023-9206 · Frrouting +9 · Frrouting +9
Name of the Vulnerable Software and Affected Versions: FRRouting versions prior to 8.5 Description: The issue is related to the bgpd/bgp label.c file in FRRouting, which attempts to read beyond the end of the stream during labeled unicast parsing. This can be exploited by a remote attacker to cau...