CVE-2022-26128
Ubuntu Security Notice USN-6807-1
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits: 1
Exploited in Wild: -
Decision
Descriptions
A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the babel_packet_examin function in babeld/message.c.
A buffer overflow vulnerability exists in FRRouting versions up to 8.1.0, due to erroneous checks of the input packet length in the babel_packet_examin function in the file babeld/message.c.
It was discovered that FRR incorrectly handled certain network traffic. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. Ben Cartwright-Cox discovered that FRR incorrectly handled certain network traffic. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-02-25 CVE Reserved
- 2022-03-03 CVE Published
- 2025-02-13 CVE Updated
- 2025-02-13 First Exploit
- 2025-04-06 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-1284: Improper Validation of Specified Quantity in Input