VYPR

FRRouting

by FRRouting

CVEs (30)

  • CVE-2017-15865 · High · Nov 8, 2017
    risk 0.49 · cvss 7.5 · epss 0.02

    bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few…

  • CVE-2026-37459 · High · May 4, 2026
    risk 0.42 · cvss 7.5 · epss 0.00

    An integer underflow in FRRouting (FRR) stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message.

  • CVE-2026-37457 · High · May 1, 2026
    risk 0.42 · cvss 7.5 · epss 0.00

    An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) stable/10.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted FlowSpec component.

  • CVE-2026-37458 · Medium · May 4, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    Missing input validation in the MP_REACH_NLRI component of FRRouting (FRR) stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE message.

  • CVE-2026-28532 · Medium · Apr 30, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a uint16_t accumulator variable truncates uint32_t values returned by the TLV_SIZE() macro, causing the loop termination condition…

  • CVE-2026-5107 · Medium · Mar 30, 2026
    risk 0.20 · cvss 4.2 · epss 0.00

    A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/bgp_evpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The…

  • CVE-2025-61103 · Oct 28, 2025
    risk 0.00 · cvss (not listed) · epss 0.01

    FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_lan_adj_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.

  • CVE-2025-61107 · Oct 28, 2025
    risk 0.00 · cvss (not listed) · epss 0.01

    FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LSA Update packet.

  • CVE-2025-61104 · Oct 28, 2025
    risk 0.00 · cvss (not listed) · epss 0.01

    FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_unknown_tlv function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.

  • CVE-2025-61106 · Oct 28, 2025
    risk 0.00 · cvss (not listed) · epss 0.01

    FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.

  • CVE-2025-61099 · Oct 27, 2025
    risk 0.00 · cvss (not listed) · epss 0.00

    FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaque_info_detail function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LS Update packet.

  • CVE-2025-61100 · Oct 27, 2025
    risk 0.00 · cvss (not listed) · epss 0.00

    FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospf_opaque_lsa_dump function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) under specific malformed LSA conditions.

  • CVE-2025-61105 · Oct 27, 2025
    risk 0.00 · cvss (not listed) · epss 0.00

    FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_link_info function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.

  • CVE-2025-61102 · Oct 27, 2025
    risk 0.00 · cvss (not listed) · epss 0.00

    FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_adj_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.

  • CVE-2025-61101 · Oct 27, 2025
    risk 0.00 · cvss (not listed) · epss 0.00

    FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_rmt_itf_addr function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.

  • CVE-2024-44070 · Aug 19, 2024
    risk 0.00 · cvss (not listed) · epss 0.01

    An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_encap in bgpd/bgp_attr.c does not check the actual remaining stream length before taking the TLV value.

  • CVE-2024-34088 · Apr 30, 2024
    risk 0.00 · cvss (not listed) · epss 0.01

    In FRRouting (FRR) through 9.1, it is possible for the get_edge() function in ospf_te.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service.

  • CVE-2024-31951 · Apr 7, 2024
    risk 0.00 · cvss (not listed) · epss 0.01

    In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (lengths are not validated).

  • CVE-2024-31950 · Apr 7, 2024
    risk 0.00 · cvss (not listed) · epss 0.01

    In FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ri for OSPF LSA packets during an attempt to read Segment Routing subTLVs (their size is not validated).

  • CVE-2024-31948 · Apr 7, 2024
    risk 0.00 · cvss (not listed) · epss 0.01

    In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash.

Page 1 of 2