Frrouting

Frrouting

50 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2026-37459

  • EPSS 0.05%
  • Veröffentlicht 04.05.2026 00:00:00
  • Zuletzt bearbeitet 05.05.2026 19:47:31

An integer underflow in FRRouting (FRR) stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message.

6.5

CVE-2026-37458

  • EPSS 0.05%
  • Veröffentlicht 04.05.2026 00:00:00
  • Zuletzt bearbeitet 11.05.2026 19:52:46

Missing input validation in the MP_REACH_NLRI component of FRRouting (FRR) stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE message.

7.5

CVE-2026-37457

  • EPSS 0.05%
  • Veröffentlicht 01.05.2026 00:00:00
  • Zuletzt bearbeitet 07.05.2026 15:15:06

An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) stable/10.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted FlowSpec component.

6.5

CVE-2026-28532

  • EPSS 0.02%
  • Veröffentlicht 30.04.2026 20:17:51
  • Zuletzt bearbeitet 01.05.2026 17:48:21

FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a uint16_t accumulator variable truncates uint32_t values returned by the TLV_SIZE() macro, causing th...

4.2

CVE-2026-5107

  • EPSS 0.02%
  • Veröffentlicht 30.03.2026 05:00:19
  • Zuletzt bearbeitet 29.04.2026 22:01:48

A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/bgp_evpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be ...

7.5

CVE-2025-61107

Exploit
  • EPSS 0.24%
  • Veröffentlicht 28.10.2025 00:00:00
  • Zuletzt bearbeitet 31.10.2025 18:46:51

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LSA Update pa...

7.5

CVE-2025-61106

Exploit
  • EPSS 0.24%
  • Veröffentlicht 28.10.2025 00:00:00
  • Zuletzt bearbeitet 31.10.2025 18:50:21

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.

7.5

CVE-2025-61104

Exploit
  • EPSS 0.24%
  • Veröffentlicht 28.10.2025 00:00:00
  • Zuletzt bearbeitet 31.10.2025 18:52:30

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_unknown_tlv function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.

7.5

CVE-2025-61103

Exploit
  • EPSS 0.24%
  • Veröffentlicht 28.10.2025 00:00:00
  • Zuletzt bearbeitet 31.10.2025 18:55:01

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_lan_adj_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packe...

7.5

CVE-2025-61101

Exploit
  • EPSS 0.24%
  • Veröffentlicht 27.10.2025 00:00:00
  • Zuletzt bearbeitet 03.11.2025 17:53:25

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_rmt_itf_addr function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF pack...