Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
frrouting frrouting vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-15865
bgpd in FRRouting (FRR) prior to 2.0.2 and 3.x prior to 3.0.2, as used in Cumulus Linux prior to 3.4.3 and other products, allows remote malicious users to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a...
Frrouting Frrouting 3.0
Frrouting Frrouting
Frrouting Frrouting 3.0.1
6.5
CVSSv3
CVE-2022-43681
An out-of-bounds read exists in the BGP daemon of FRRouting FRR up to and including 8.4. When sending a malformed BGP OPEN message that ends with the option length octet (or the option length word, in case of an extended OPEN message), the FRR code reads of out of the bounds of t...
Frrouting Frrouting
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
1 Github repository
6.5
CVSSv3
CVE-2022-40302
An issue exists in bgpd in FRRouting (FRR) up to and including 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible ...
Frrouting Frrouting
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
1 Github repository
6.5
CVSSv3
CVE-2022-40318
An issue exists in bgpd in FRRouting (FRR) up to and including 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible ...
Frrouting Frrouting
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
6.5
CVSSv3
CVE-2019-5892
bgpd in FRRouting FRR (aka Free Range Routing) 2.x and 3.x prior to 3.0.4, 4.x prior to 4.0.1, 5.x prior to 5.0.2, and 6.x prior to 6.0.2 (not affecting Cumulus Linux or VyOS), when ENABLE_BGP_VNC is used for Virtual Network Control, allows remote malicious users to cause a denia...
Frrouting Frrouting
Frrouting Frrouting 4.0
5.9
CVSSv3
CVE-2023-46752
An issue exists in FRRouting FRR up to and including 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash.
Frrouting Frrouting
5.9
CVSSv3
CVE-2023-46753
An issue exists in FRRouting FRR up to and including 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute.
Frrouting Frrouting
5.5
CVSSv3
CVE-2023-31489
An issue found in Frrouting bgpd v.8.4.2 allows a remote malicious user to cause a denial of service via the bgp_capability_llgr() function.
Frrouting Frrouting 8.4.2
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
5.3
CVSSv3
CVE-2020-12831
An issue exists in FRRouting FRR (aka Free Range Routing) up to and including 7.3.1. When using the split-config feature, the init script creates an empty config file with world-readable default permissions, leading to a possible information leak via tools/frr.in and tools/frrcom...
Linuxfoundation Free Range Routing
NA
CVE-2024-34088
In FRRouting (FRR) up to and including 9.1, it is possible for the get_edge() function in ospf_te.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »