An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_encap in bgpd/bgp_attr.c does not check the actual remaining stream length before taking the TLV value.
2024-08-19T02:15:04.643
2024-08-30T16:19:49.587
Analyzed
CVSSv3.1: 7.5 (HIGH)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | frrouting | frrouting | ≤ 10.1 | Yes |
Operating System | redhat | enterprise_linux | 8.0 | Yes |
Operating System | redhat | enterprise_linux | 9.0 | Yes |