Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
frrouting frrouting vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-26126
Buffer overflow vulnerabilities exist in FRRouting up to and including 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isis_nb_notifications.c.
Frrouting Frrouting
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.5
CVSSv3
CVE-2023-38407
bgpd/bgp_label.c in FRRouting (FRR) prior to 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.
Frrouting Frrouting
7.5
CVSSv3
CVE-2023-47234
An issue exists in FRRouting FRR up to and including 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory path attributes).
Frrouting Frrouting
7.5
CVSSv3
CVE-2023-47235
An issue exists in FRRouting FRR up to and including 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw outcome.
Frrouting Frrouting
7.5
CVSSv3
CVE-2023-41909
An issue exists in FRRouting FRR up to and including 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference.
Frrouting Frrouting
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
7.5
CVSSv3
CVE-2023-38802
FRRouting FRR 7.5.1 up to and including 9.0 and Pica8 PICOS 4.3.3.2 allow a remote malicious user to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).
Frrouting Frrouting
Pica8 Picos 4.3.3.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
7.5
CVSSv3
CVE-2023-41358
An issue exists in FRRouting FRR up to and including 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero.
Frrouting Frrouting
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
7.5
CVSSv3
CVE-2023-3748
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an malicious user to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub...
Frrouting Frrouting
7.5
CVSSv3
CVE-2023-31490
An issue found in Frrouting bgpd v.8.4.2 allows a remote malicious user to cause a denial of service via the bgp_attr_psid_sub() function.
Frrouting Frrouting 8.4.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
7.5
CVSSv3
CVE-2022-36440
A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peek_for_as4_capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS.
Frrouting Frrouting 8.3
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »