Moderate severityNVD Advisory· Published Apr 21, 2025· Updated Apr 21, 2025
CVE-2025-43972
CVE-2025-43972
Description
An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/osrg/gobgpGo | >= 0 | — |
github.com/osrg/gobgp/v3Go | < 3.35.0 | 3.35.0 |
Affected products
31- osv-coords30 versionspkg:apk/chainguard/cilium-1.15pkg:apk/chainguard/cilium-1.16pkg:apk/chainguard/cilium-1.16-clustermesh-apiserverpkg:apk/chainguard/cilium-1.16-container-initpkg:apk/chainguard/cilium-1.16-container-init-compatpkg:apk/chainguard/cilium-1.16-hubble-relaypkg:apk/chainguard/cilium-1.16-iptablespkg:apk/chainguard/cilium-1.16-operator-awspkg:apk/chainguard/cilium-1.16-operator-genericpkg:apk/chainguard/cilium-fips-1.15pkg:apk/chainguard/cilium-fips-1.16pkg:apk/chainguard/cilium-fips-1.16-clustermesh-apiserverpkg:apk/chainguard/cilium-fips-1.16-container-initpkg:apk/chainguard/cilium-fips-1.16-container-init-compatpkg:apk/chainguard/cilium-fips-1.16-host-utilspkg:apk/chainguard/cilium-fips-1.16-hubble-relaypkg:apk/chainguard/cilium-fips-1.16-operator-awspkg:apk/chainguard/cilium-fips-1.16-operator-azurepkg:apk/chainguard/cilium-fips-1.16-operator-genericpkg:apk/wolfi/cilium-1.15pkg:apk/wolfi/cilium-1.16pkg:apk/wolfi/cilium-1.16-container-initpkg:apk/wolfi/cilium-1.16-container-init-compatpkg:apk/wolfi/cilium-1.16-hubble-relaypkg:apk/wolfi/cilium-1.16-iptablespkg:apk/wolfi/cilium-1.16-operator-awspkg:apk/wolfi/cilium-1.16-operator-genericpkg:golang/github.com/osrg/gobgppkg:golang/github.com/osrg/gobgp/v3pkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Tumbleweed
< 1.15.19-r3+ 29 more
- (no CPE)range: < 1.15.19-r3
- (no CPE)range: < 1.16.9-r1
- (no CPE)range: < 1.16.9-r1
- (no CPE)range: < 1.16.9-r1
- (no CPE)range: < 1.16.9-r1
- (no CPE)range: < 1.16.9-r1
- (no CPE)range: < 1.16.9-r1
- (no CPE)range: < 1.16.9-r1
- (no CPE)range: < 1.16.9-r1
- (no CPE)range: < 1.15.19-r7
- (no CPE)range: < 1.16.9-r2
- (no CPE)range: < 1.16.9-r2
- (no CPE)range: < 1.16.9-r2
- (no CPE)range: < 1.16.9-r2
- (no CPE)range: < 1.16.9-r2
- (no CPE)range: < 1.16.9-r2
- (no CPE)range: < 1.16.9-r2
- (no CPE)range: < 1.16.9-r2
- (no CPE)range: < 1.16.9-r2
- (no CPE)range: < 1.15.19-r3
- (no CPE)range: < 1.16.9-r1
- (no CPE)range: < 1.16.9-r1
- (no CPE)range: < 1.16.9-r1
- (no CPE)range: < 1.16.9-r1
- (no CPE)range: < 1.16.9-r1
- (no CPE)range: < 1.16.9-r1
- (no CPE)range: < 1.16.9-r1
- (no CPE)range: >= 0
- (no CPE)range: < 3.35.0
- (no CPE)range: < 0.0.20250422T181640-1.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.