Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
frrouting frrouting vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-31948
In FRRouting (FRR) up to and including 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash.
NA
CVE-2024-31949
In FRRouting (FRR) up to and including 9.1, an infinite loop can occur when receiving a MP/GR capability as a dynamic capability because malformed data results in a pointer not advancing.
NA
CVE-2024-31950
In FRRouting (FRR) up to and including 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ri for OSPF LSA packets during an attempt to read Segment Routing subTLVs (their size is not validated).
NA
CVE-2024-31951
In the Opaque LSA Extended Link parser in FRRouting (FRR) up to and including 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (lengths are not validated).
NA
CVE-2024-27913
ospf_te_parse_te in ospfd/ospf_te.c in FRRouting (FRR) up to and including 9.1 allows remote malicious users to cause a denial of service (ospfd daemon crash) via a malformed OSPF LSA packet, because of an attempted access to a missing attribute field.
NA
CVE-2023-38406
bgpd/bgp_flowspec.c in FRRouting (FRR) prior to 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."
Frrouting Frrouting
NA
CVE-2023-38407
bgpd/bgp_label.c in FRRouting (FRR) prior to 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.
Frrouting Frrouting
NA
CVE-2023-47234
An issue exists in FRRouting FRR up to and including 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory path attributes).
Frrouting Frrouting
NA
CVE-2023-47235
An issue exists in FRRouting FRR up to and including 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw outcome.
Frrouting Frrouting
NA
CVE-2023-46752
An issue exists in FRRouting FRR up to and including 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash.
Frrouting Frrouting
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »