6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
39.5%
An out-of-bounds read exists in the BGP daemon of FRRouting FRR through
8.4. When sending a malformed BGP OPEN message that ends with the option
length octet (or the option length word, in case of an extended OPEN
message), the FRR code reads of out of the bounds of the packet, throwing a
SIGABRT signal and exiting. This results in a bgpd daemon restart, causing
a Denial-of-Service condition.
Author | Note |
---|---|
mdeslaur | Commits below fix CVE-2022-40302, CVE-2022-40318, CVE-2022-43681 Introduced by https://github.com/FRRouting/frr/commit/d08c0c8077fbb3e100ed2e87927edec1a09d224b |