Jun 17, 2024 - 12:00 a.m.

ROS-20240617-02

2024-06-17 00:00:00
redos.red-soft.ru
3
frrouting
bgp
denial of service
vulnerabilities
unix-like systems
data validation
remote exploitation

CVSS3: 9.8 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 7.4 High (Confidence: Low)

EPSS: 0.001 Low (Percentile: 39.2%)

A vulnerability in the bgpd/bgp_attr.c file of FRRouting, a software tool for implementing network routing on Unix-like systems, is related to an out-of-bounds read in bgp_attr_aigp_valid, as there are no AIGP checks. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.

A vulnerability in the bgpd/bgp_label.c file of FRRouting, a software tool for implementing network routing on Unix-like systems, is related to an attempt to read beyond the end of a stream while parsing a labeled unicast. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.

A vulnerability in the bgpd/bgp_flowspec.c file of FRRouting, a software tool for implementing network routing on Unix-like systems, is related to handling invalid requests without attributes. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.

A vulnerability in FRRouting, a software tool for implementing network routing on Unix-like systems, is related to the sending of specially crafted hello messages with a unicast flag, an interval field equal to 0, or any TLV containing a sub-TLV with the Mandatory flag set, which causes an infinite loop to be entered. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.

A vulnerability in the bgpd/bgp_open.c file of FRRouting, a software tool for implementing network routing on Unix-like systems, is related to the lack of verification of the rcv software version length. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.

A vulnerability in FRRouting, a software tool for implementing network routing on Unix-like systems, is related to incorrect processing of a crafted BGP UPDATE message with the MP_UNREACH_NLRI attribute and additional NLRI data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.

A vulnerability in FRRouting, a software tool for implementing network routing on Unix-like systems, is related to incorrect processing of a crafted BGP UPDATE message with EOR. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.

A vulnerability in FRRouting, a software tool for implementing network routing on Unix-like systems, is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted file.

A vulnerability in the bgpd/bgp_packet.c file of FRRouting, a software tool for implementing network routing on Unix-like systems, is related to reading the initial byte of the ORF header in an ahead-of-stream situation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.

A vulnerability in FRRouting, a software tool for implementing network routing on Unix-like systems, is related to insufficient validation of input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.

OS | Version | Architecture | Package | Version | Filename
redos | 7.3 | x86_64 | frr | <= 9.1-3 | UNKNOWN
