CVSS: 8.1EPSS: 2%CPEs: 1EXPL: 2CVE-2022-37035
https://notcve.org/view.php?id=CVE-2022-37035
An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is not needed for exploitation. Se ha detectado un problema en bgpd en FRRouting (FRR) 8.3. • https://docs.google.com/document/d/1TqYEcZbFeDTMKe2N4XRFwyAjw_mynIHfvzwbx1fmJj8/edit?usp=sharing https://github.com/FRRouting/frr/issues/11698 https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-26129
https://notcve.org/view.php?id=CVE-2022-26129
Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the subtlv length in the functions, parse_hello_subtlv, parse_ihu_subtlv, and parse_update_subtlv in babeld/message.c. Se presenta una vulnerabilidad de desbordamiento de búfer en FRRouting versiones hasta 8.1.0, debido a comprobaciones erróneas de la longitud de subtlv en las funciones, parse_hello_subtlv, parse_ihu_subtlv, y parse_update_subtlv en el archivo babeld/message.c • https://github.com/FRRouting/frr/issues/10503 https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-26128
https://notcve.org/view.php?id=CVE-2022-26128
A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the babel_packet_examin function in babeld/message.c. Se presenta una vulnerabilidad de desbordamiento de búfer en FRRouting versiones hasta 8.1.0, debido a comprobaciones erróneas de la longitud del paquete de entrada en la función babel_packet_examin en el archivo babeld/message.c • https://github.com/FRRouting/frr/issues/10502 https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-26127
https://notcve.org/view.php?id=CVE-2022-26127
A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to missing a check on the input packet length in the babel_packet_examin function in babeld/message.c. Se presenta una vulnerabilidad de desbordamiento del búfer en FRRouting versiones hasta 8.1.0, debido a una falta de comprobación de la longitud del paquete de entrada en la función babel_packet_examin en el archivo babeld/message.c • https://github.com/FRRouting/frr/issues/10487 https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-26125 – frrouting: overflow bugs in unpack_tlv_router_cap
https://notcve.org/view.php?id=CVE-2022-26125
Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd/isis_tlvs.c. Se presentan vulnerabilidades de desbordamiento del búfer en FRRouting versiones hasta 8.1.0, debido a comprobaciones erróneas de la longitud del paquete de entrada en el archivo isisd/isis_tlvs.c frrouting is vulnerable to a flaw that can cause buffer overflow through due to incorrect checks on the input packet length when processing type-length-value packets. There is high impact to availability due to the fact that the process up-time can be made unreliable. • https://github.com/FRRouting/frr/issues/10507 https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html https://access.redhat.com/security/cve/CVE-2022-26125 https://bugzilla.redhat.com/show_bug.cgi?id=2058628 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-1284: Improper Validation of Specified Quantity in Input •