Search CVE reports


Toggle filters

21 – 30 of 34 results


CVE-2023-31490

Medium priority
Fixed

An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() function.

1 affected package

frr

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
frr Not affected Fixed Fixed Not in release
Show less packages

CVE-2023-31489

Medium priority
Fixed

An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function.

1 affected package

frr

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
frr Not affected Not affected Not in release
Show less packages

CVE-2022-43681

Medium priority
Not affected

An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet (or the option length word, in case of an extended OPEN message), the...

1 affected package

frr

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
frr Not affected Not affected Not in release
Show less packages

CVE-2022-40318

Medium priority
Not affected

An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon...

1 affected package

frr

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
frr Not affected Not affected Not in release
Show less packages

CVE-2022-40302

Medium priority
Not affected

An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon...

1 affected package

frr

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
frr Not affected Not affected Not in release
Show less packages

CVE-2022-36440

Medium priority
Not affected

A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peek_for_as4_capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS.

1 affected package

frr

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
frr Not affected Not affected Not in release
Show less packages

CVE-2022-37032

Medium priority

Some fixes available 8 of 10

An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c.

2 affected packages

frr, quagga

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
frr Fixed Fixed Fixed Not in release
quagga Not in release Not in release Fixed Vulnerable
Show less packages

CVE-2022-37035

Medium priority
Fixed

An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution...

1 affected package

frr

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
frr Fixed Fixed Fixed Not in release
Show less packages

CVE-2022-26129

Medium priority

Some fixes available 7 of 8

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the subtlv length in the functions, parse_hello_subtlv, parse_ihu_subtlv, and parse_update_subtlv in babeld/message.c.

1 affected package

frr

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
frr Fixed Fixed Fixed
Show less packages

CVE-2022-26128

Medium priority

Some fixes available 7 of 8

A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the babel_packet_examin function in babeld/message.c.

1 affected package

frr

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
frr Fixed Fixed Fixed
Show less packages