Shodan
Vulnerabilities
Vulnerable Software
Frrouting:  >> Frrouting  >> 6.0.2  Security Vulnerabilities
CVE-2022-40302
An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-05-03
CVE-2022-40318
An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case. NOTE: this behavior occurs in bgp_open_option_parse in the bgp_open.c file, a different location (with a different attack vector) relative to CVE-2022-40302.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-05-03
CVE-2022-37032
An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c.
CVSS Score
9.1
EPSS Score
0.004
Published
2022-09-19
CVE-2022-26125
Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd/isis_tlvs.c.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-03-03
CVE-2022-26126
Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isis_nb_notifications.c.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-03-03
CVE-2022-26127
A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to missing a check on the input packet length in the babel_packet_examin function in babeld/message.c.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-03-03
CVE-2022-26128
A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the babel_packet_examin function in babeld/message.c.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-03-03
CVE-2022-26129
Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the subtlv length in the functions, parse_hello_subtlv, parse_ihu_subtlv, and parse_update_subtlv in babeld/message.c.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-03-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved