Frrouting

Frrouting

51 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.7%
  • Veröffentlicht 07.04.2024 21:15:07
  • Zuletzt bearbeitet 04.11.2025 17:15:51

In FRRouting (FRR) through 9.1, an infinite loop can occur when receiving a MP/GR capability as a dynamic capability because malformed data results in a pointer not advancing.

  • EPSS 0.83%
  • Veröffentlicht 07.04.2024 21:15:07
  • Zuletzt bearbeitet 04.11.2025 17:15:51

In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash.

  • EPSS 0.32%
  • Veröffentlicht 28.02.2024 07:15:09
  • Zuletzt bearbeitet 26.03.2025 21:15:21

ospf_te_parse_te in ospfd/ospf_te.c in FRRouting (FRR) through 9.1 allows remote attackers to cause a denial of service (ospfd daemon crash) via a malformed OSPF LSA packet, because of an attempted access to a missing attribute field.

  • EPSS 0.93%
  • Veröffentlicht 06.11.2023 06:15:40
  • Zuletzt bearbeitet 04.11.2025 17:15:37

bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.

  • EPSS 0.94%
  • Veröffentlicht 06.11.2023 06:15:40
  • Zuletzt bearbeitet 04.11.2025 17:15:37

bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."

  • EPSS 0.69%
  • Veröffentlicht 03.11.2023 21:15:17
  • Zuletzt bearbeitet 04.11.2025 17:15:38

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw outcome.

  • EPSS 0.91%
  • Veröffentlicht 03.11.2023 21:15:17
  • Zuletzt bearbeitet 04.11.2025 17:15:38

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory path attributes).

  • EPSS 0.79%
  • Veröffentlicht 26.10.2023 05:15:26
  • Zuletzt bearbeitet 04.11.2025 17:15:38

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute.

  • EPSS 0.85%
  • Veröffentlicht 26.10.2023 05:15:26
  • Zuletzt bearbeitet 04.11.2025 17:15:38

An issue was discovered in FRRouting FRR through 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash.

  • EPSS 0.93%
  • Veröffentlicht 05.09.2023 07:15:14
  • Zuletzt bearbeitet 21.11.2024 08:21:53

An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference.