Search CVE reports
21 – 30 of 48 results
ospf_te_parse_te in ospfd/ospf_te.c in FRRouting (FRR) through 9.1 allows remote attackers to cause a denial of service (ospfd daemon crash) via a malformed OSPF LSA packet, because of an attempted access to a missing attribute field.
2 affected packages
frr, quagga
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| frr | — | Fixed | Fixed | Not affected | Not in release |
| quagga | — | Not in release | Not in release | Not affected | Not affected |

bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.
2 affected packages
frr, quagga
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| frr | — | Fixed | Fixed | Fixed | Ignored |
| quagga | — | Not in release | Not in release | Not affected | Not affected |

bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."
2 affected packages
frr, quagga
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| frr | — | Not affected | Fixed | Fixed | Ignored |
| quagga | — | Not in release | Not in release | Not affected | Not affected |

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw outcome.
2 affected packages
frr, quagga
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| frr | — | Fixed | Fixed | Fixed | Ignored |
| quagga | — | Not in release | Not in release | Not affected | Not affected |

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with an MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory path attributes).
2 affected packages
frr, quagga
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| frr | — | Fixed | Fixed | Fixed | Ignored |
| quagga | — | Not in release | Not in release | Not affected | Not affected |

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute.
2 affected packages
frr, quagga
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| frr | Fixed | Fixed | Fixed | Fixed | Ignored |
| quagga | Not in release | Not in release | Not in release | Fixed | Ignored |

An issue was discovered in FRRouting FRR through 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash.
2 affected packages
frr, quagga
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| frr | — | Fixed | Fixed | Fixed | Ignored |
| quagga | — | Not in release | Not in release | Not affected | Not affected |

An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference.
2 affected packages
frr, quagga
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| frr | — | Not affected | Fixed | Fixed | Ignored |
| quagga | — | Not in release | Not in release | Not affected | Not affected |

An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version.
2 affected packages
frr, quagga
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| frr | — | — | Not affected | Not affected | Ignored |
| quagga | — | — | Not in release | Not affected | Not affected |

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation.
2 affected packages
frr, quagga
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| frr | — | Not affected | Fixed | Fixed | Ignored |
| quagga | — | Not in release | Not in release | Fixed | Fixed |