frr (AlmaLinux:9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:9 package frr, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (19)
CVE-2023-38406 — CVSS 9.8 (critical): bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."
CVE-2023-41359 — CVSS 9.1 (critical): An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because…
CVE-2022-37032 — CVSS 9.1 (critical): An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in…
CVE-2023-41360 — CVSS 9.1 (critical): An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream…
CVE-2022-26125 — CVSS 7.8 (high): Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd/isis_tlvs.c.
CVE-2023-47235 — CVSS 7.5 (high): An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed…
CVE-2022-36440 — CVSS 7.5 (high): A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peek_for_as4_capability function. Attackers can maliciously construct…
CVE-2023-31490 — CVSS 7.5 (high): An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() function.
CVE-2023-38407 — CVSS 7.5 (high): bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.
CVE-2023-38802 — CVSS 7.5 (high): FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with…
CVE-2023-41358 — CVSS 7.5 (high): An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero.
CVE-2023-41909 — CVSS 7.5 (high): An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no…
CVE-2023-47234 — CVSS 7.5 (high): An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a…
CVE-2022-40318 — CVSS 6.5 (medium): An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length…
CVE-2022-40302 — CVSS 6.5 (medium): An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length…
CVE-2022-43681 — CVSS 6.5 (medium): An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the…
CVE-2023-46752 — CVSS 5.9 (medium): An issue was discovered in FRRouting FRR through 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash.
CVE-2023-46753 — CVSS 5.9 (medium): An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes…
CVE-2023-31489 — CVSS 5.5 (medium): An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function.