Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
frrouting frrouting vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2023-46752
An issue exists in FRRouting FRR up to and including 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash.
Frrouting Frrouting
5.9
CVSSv3
CVE-2023-46753
An issue exists in FRRouting FRR up to and including 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute.
Frrouting Frrouting
7.5
CVSSv3
CVE-2023-41909
An issue exists in FRRouting FRR up to and including 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference.
Frrouting Frrouting
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
7.5
CVSSv3
CVE-2023-38802
FRRouting FRR 7.5.1 up to and including 9.0 and Pica8 PICOS 4.3.3.2 allow a remote malicious user to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).
Frrouting Frrouting
Pica8 Picos 4.3.3.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
7.5
CVSSv3
CVE-2023-41358
An issue exists in FRRouting FRR up to and including 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero.
Frrouting Frrouting
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
9.1
CVSSv3
CVE-2023-41359
An issue exists in FRRouting FRR up to and including 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation.
Frrouting Frrouting
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
9.1
CVSSv3
CVE-2023-41360
An issue exists in FRRouting FRR up to and including 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation.
Frrouting Frrouting
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
9.8
CVSSv3
CVE-2023-41361
An issue exists in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version.
Frrouting Frrouting
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2023-3748
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an malicious user to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub...
Frrouting Frrouting
5.5
CVSSv3
CVE-2023-31489
An issue found in Frrouting bgpd v.8.4.2 allows a remote malicious user to cause a denial of service via the bgp_capability_llgr() function.
Frrouting Frrouting 8.4.2
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »