bgpd in FRRouting (FRR) prior to 2.0.2 and 3.x prior to 3.0.2, as used in Cumulus Linux prior to 3.4.3 and other products, allows remote malicious users to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes because of a mishandled attribute length, aka RN-690 (CM-18492).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
frrouting frrouting 3.0 |
||
frrouting frrouting |
||
frrouting frrouting 3.0.1 |