Linux Distros Unpatched Vulnerability : CVE-2025-43972

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a...

CVE-2025-43970

An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes depending on the address family...

SUSE CVE-2025-43972

An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context...

GHSA-MFVV-MGF6-Q25R GoBGP crashes in the flowspec parser

An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context...

GHSA-C5JG-WR5V-2WP2 GoBGP does not verify that the input length

An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in which all bytes are available for an RTR message...

GoBGP does not properly check the input length

An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes depending on the address family...

CVE-2025-43970

An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes depending on the address family...

GoBGP 安全漏洞

GoBGP is an open source Border Gateway Protocol BGP implementation from osrg open source. A security vulnerability exists in GoBGP versions prior to 3.35.0 that stems from pkg/packet/mrt/mrt.go not properly checking input length...

PT-2025-17425 · Gobgp +4 · Gobgp +4

Name of the Vulnerable Software and Affected Versions: GoBGP versions prior to 3.35.0 Description: An issue was discovered that allows attackers to cause a panic via a zero value for softwareVersionLen. Recommendations: For versions prior to 3.35.0, update to version 3.35.0 or later to resolve th...

PT-2025-17424 · Gobgp +4 · Gobgp +4

Name of the Vulnerable Software and Affected Versions: GoBGP versions prior to 3.35.0 Description: The issue arises from improper input length checking in the pkg/packet/mrt/mrt.go file, specifically failing to ensure the presence of 12 bytes or 36 bytes depending on the address family...