Vulnerability Details CVE-2022-37035
An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is not needed for exploitation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.041
EPSS Ranking 87.4%
CVSS Severity
CVSS v3 Score 8.1
References
- https://docs.google.com/document/d/1TqYEcZbFeDTMKe2N4XRFwyAjw_mynIHfvzwbx1fmJj8/edit?usp=sharing
- https://github.com/FRRouting/frr/issues/11698
- https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html
- https://docs.google.com/document/d/1TqYEcZbFeDTMKe2N4XRFwyAjw_mynIHfvzwbx1fmJj8/edit?usp=sharing
- https://github.com/FRRouting/frr/issues/11698
- https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html
- https://lists.debian.org/debian-lts-announce/2024/09/msg00007.html