Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
frrouting frrouting vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-3748
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an malicious user to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub...
Frrouting Frrouting
9.8
CVSSv3
CVE-2023-38406
bgpd/bgp_flowspec.c in FRRouting (FRR) prior to 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."
Frrouting Frrouting
5.9
CVSSv3
CVE-2023-46752
An issue exists in FRRouting FRR up to and including 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash.
Frrouting Frrouting
8.1
CVSSv3
CVE-2022-37035
An issue exists in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. ...
Frrouting Frrouting 8.3
9.8
CVSSv3
CVE-2023-41361
An issue exists in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version.
Frrouting Frrouting
Debian Debian Linux 10.0
9.1
CVSSv3
CVE-2022-37032
An out-of-bounds read in the BGP daemon of FRRouting FRR prior to 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c.
Frrouting Frrouting
Debian Debian Linux 10.0
Debian Debian Linux 11.0
9.1
CVSSv3
CVE-2023-41359
An issue exists in FRRouting FRR up to and including 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation.
Frrouting Frrouting
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
7.8
CVSSv3
CVE-2022-26126
Buffer overflow vulnerabilities exist in FRRouting up to and including 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isis_nb_notifications.c.
Frrouting Frrouting
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
5.5
CVSSv3
CVE-2023-31489
An issue found in Frrouting bgpd v.8.4.2 allows a remote malicious user to cause a denial of service via the bgp_capability_llgr() function.
Frrouting Frrouting 8.4.2
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
6.5
CVSSv3
CVE-2022-40302
An issue exists in bgpd in FRRouting (FRR) up to and including 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible ...
Frrouting Frrouting
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »