CVE Vulnerability

CVE-2022-37032

An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c.

9.1 /10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://bugzilla.suse.com/show_bug.cgi?id=1202023 Exploit Issue Tracking
https://github.com/FRRouting/frr/commit/6d58272b4cf96f0daa846210dd2104877900f921 Patch Third Party Advisory
https://github.com/FRRouting/frr/commit/ff6db1027f8f36df657ff2e5ea167773752537ed Patch Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/11/msg00039.html
Configurations

Configuration 1

cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*
Information

Published : 2022-09-19 10:15

Updated : 2022-11-28 08:15

NVD link : CVE-2022-37032

Mitre link : CVE-2022-37032

Products Affected
No products.
CWE
CWE-125

Out-of-bounds Read