Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
frrouting frrouting vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-41909
An issue exists in FRRouting FRR up to and including 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference.
Frrouting Frrouting
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
NA
CVE-2023-38802
FRRouting FRR 7.5.1 up to and including 9.0 and Pica8 PICOS 4.3.3.2 allow a remote malicious user to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).
Frrouting Frrouting
Pica8 Picos 4.3.3.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
NA
CVE-2023-41360
An issue exists in FRRouting FRR up to and including 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation.
Frrouting Frrouting
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
NA
CVE-2023-41358
An issue exists in FRRouting FRR up to and including 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero.
Frrouting Frrouting
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
NA
CVE-2023-41359
An issue exists in FRRouting FRR up to and including 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation.
Frrouting Frrouting
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
NA
CVE-2023-41361
An issue exists in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version.
Frrouting Frrouting
Debian Debian Linux 10.0
NA
CVE-2023-3748
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an malicious user to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub...
Frrouting Frrouting
NA
CVE-2023-31489
An issue found in Frrouting bgpd v.8.4.2 allows a remote malicious user to cause a denial of service via the bgp_capability_llgr() function.
Frrouting Frrouting 8.4.2
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
NA
CVE-2023-31490
An issue found in Frrouting bgpd v.8.4.2 allows a remote malicious user to cause a denial of service via the bgp_attr_psid_sub() function.
Frrouting Frrouting 8.4.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
NA
CVE-2022-40302
An issue exists in bgpd in FRRouting (FRR) up to and including 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible ...
Frrouting Frrouting
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »