CVE-2022-36440
frr: Reachable assertion in peek_for_as4_capability function
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peek_for_as4_capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS.
Se encontró una afirmación accesible en Frrouting frr-bgpd 8.3.0 en la función peek_for_as4_capability. Los atacantes pueden construir maliciosamente paquetes abiertos BGP y enviarlos a pares BGP que ejecutan frr-bgpd, lo que resulta en DoS.
A reachable assertion flaw was found in Frrouting frr-bgpd in the peek_for_as4_capability function. This flaw allows an attacker to maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in a denial of service.
Multiple vulnerabilities were discovered in frr, the FRRouting suite of internet protocols, while processing malformed requests and packets the BGP daemon may have reachable assertions, NULL pointer dereference, out-of-bounds memory access, which may lead to denial of service attack.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-07-25 CVE Reserved
- 2023-04-03 CVE Published
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-617: Reachable Assertion
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| https://github.com/spwpun/pocs | Third Party Advisory | |
| https://lists.debian.org/debian-lts-announce/2023/09/msg00020.html | Mailing List |
|
| URL | Date | SRC |
|---|---|---|
| https://github.com/spwpun/pocs/blob/main/frr-bgpd.md | 2024-08-03 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Frrouting Search vendor "Frrouting" | Frrouting Search vendor "Frrouting" for product "Frrouting" | 8.3 Search vendor "Frrouting" for product "Frrouting" and version "8.3" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 36 Search vendor "Fedoraproject" for product "Fedora" and version "36" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 37 Search vendor "Fedoraproject" for product "Fedora" and version "37" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 38 Search vendor "Fedoraproject" for product "Fedora" and version "38" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 11.0 Search vendor "Debian" for product "Debian Linux" and version "11.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 12.0 Search vendor "Debian" for product "Debian Linux" and version "12.0" | - |
Affected
| ||||||