CVE-2022-43681
CVE-2022-43681 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. It is an out-of-bounds read in the BGP daemon (bgpd) of FRRouting FRR through 8.4, triggered by a malformed BGP OPEN message that ends immediately after the Optional Parameters Length octet (or the extended option length word). bgpd reads past the end of the packet, aborts with SIGABRT and restarts, which is a Denial-of-Service condition. EPSS estimates a 2.11% probability of exploitation in the next 30 days.
Description
An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When a malformed BGP OPEN message that ends with the Optional Parameters Length octet (or the option length word, in the case of an extended OPEN message) is sent to the daemon, the FRR code trusts that declared length and reads beyond the bounds of the received packet; the out-of-bounds access trips an abort, the process receives SIGABRT and exits. This results in a bgpd daemon restart, causing a Denial-of-Service condition. The OPEN is the first message of a BGP session, so the crash occurs during session setup, before any routes are exchanged, and can be repeated on every reconnect by anyone who can complete a TCP connection to bgpd from an address it is configured to accept as a peer.
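The bug class in the description, as an added illustration that is not FRR's code: a small parser for the Optional Parameters section of a BGP OPEN (RFC 4271; extended length form per RFC 9072), once in an unchecked form that trusts the length octet and once in a hardened form that compares every wire-supplied length with the bytes actually received. The stream cursor, the parser and result names, and the three packets are all constructed for this example; the real FRR stream library aborts on an out-of-bounds read, whereas the toy cursor only records the overrun so the unchecked parser can be observed running past the end.

```c
/* Unchecked vs. bounds-checked parsing of BGP OPEN optional parameters (RFC 4271,
 * RFC 9072 extended length). Illustrative code, not FRR's. */
#include <stddef.h>
#include <stdint.h>

/* Read cursor over one received packet. FRR's stream library asserts (SIGABRT) on
 * an out-of-bounds read; this toy cursor only records the overrun so that the
 * unchecked parser below can run to completion and be inspected. */
struct stream { const uint8_t *data; size_t len; size_t getp; int overrun; };
static size_t readable(const struct stream *s) { return s->len - s->getp; }

static uint8_t getc8(struct stream *s) {
    if (readable(s) < 1) { s->overrun = 1; return 0; }   /* FRR: assert(0) here */
    return s->data[s->getp++];
}

static uint16_t getw16(struct stream *s) {
    uint16_t hi = getc8(s);
    uint16_t lo = getc8(s);
    return (uint16_t)((hi << 8) | lo);
}

static void skip(struct stream *s, size_t n) {
    if (readable(s) < n) { s->overrun = 1; s->getp = s->len; return; }
    s->getp += n;
}
enum { OPEN_OK = 0, OPEN_ERR_BAD_LENGTH = 1, OPEN_ERR_BAD_HEADER = 2 };
enum { BGP_HDR = 19, OPEN_FIXED = 10, BGP_MSG_OPEN = 1, EXT_OPTLEN = 255 };
struct parse_result { int rc; int overrun; int nopts; };

/* Unchecked: trusts the Optional Parameters Length octet and walks option headers
 * without confirming the bytes exist (the bug class behind CVE-2022-43681). */
static int parse_open_unchecked(struct stream *s, int *nopts) {
    skip(s, BGP_HDR);                  /* marker, length, type */
    skip(s, OPEN_FIXED - 1);           /* version, AS, hold time, router ID */
    size_t optlen = getc8(s), consumed = 0;
    *nopts = 0;
    while (consumed < optlen) {
        (void)getc8(s);                /* option type: may lie past the end */
        size_t len = getc8(s);         /* option length: may lie past the end */
        skip(s, len);
        consumed += 2 + len;
        (*nopts)++;
    }
    return OPEN_OK;
}

/* Hardened: every length taken from the wire is compared with what is actually
 * left in the packet before any read that depends on it. */
static int parse_open_checked(struct stream *s, int *nopts) {
    *nopts = 0;
    if (readable(s) < BGP_HDR + OPEN_FIXED) return OPEN_ERR_BAD_LENGTH;
    skip(s, 16);                       /* marker */
    uint16_t pktlen = getw16(s);
    if (pktlen != s->len || getc8(s) != BGP_MSG_OPEN) return OPEN_ERR_BAD_HEADER;
    skip(s, OPEN_FIXED - 1);
    size_t optlen = getc8(s);
    /* Extended OPEN: optlen 255, Non-Ext OP Type 255, then a 16-bit length word. */
    if (optlen == EXT_OPTLEN && readable(s) >= 3 && s->data[s->getp] == EXT_OPTLEN) {
        (void)getc8(s);
        optlen = getw16(s);
    }
    /* The check the malformed OPEN trips: declared option bytes must be present. */
    if (readable(s) != optlen) return OPEN_ERR_BAD_LENGTH;
    size_t consumed = 0;
    while (consumed < optlen) {
        if (optlen - consumed < 2) return OPEN_ERR_BAD_LENGTH;       /* type + length */
        (void)getc8(s);
        size_t len = getc8(s);
        if (len > optlen - consumed - 2) return OPEN_ERR_BAD_LENGTH; /* value fits */
        skip(s, len);
        consumed += 2 + len;
        (*nopts)++;
    }
    return OPEN_OK;
}

static struct parse_result run_parser(int (*fn)(struct stream *, int *),
                                      const uint8_t *buf, size_t len) {
    struct stream s = { buf, len, 0, 0 };
    struct parse_result r = { 0, 0, 0 };
    r.rc = fn(&s, &r.nopts);
    r.overrun = s.overrun;
    return r;
}

/* Constructed messages, not captured traffic. OPEN_PREFIX = marker, length, type
 * OPEN, version 4, AS 65000, hold time 180, router ID 10.0.0.1. */
#define OPEN_PREFIX(len_hi, len_lo) 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, \
    0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, len_hi, len_lo, 0x01, \
    0x04, 0xfd,0xe8, 0x00,0xb4, 0x0a,0x00,0x00,0x01
/* 29 bytes: the final octet claims 10 bytes of options that never arrive. */
static const uint8_t malformed_open[] = { OPEN_PREFIX(0x00, 0x1d), 0x0a };
/* 32 bytes: extended form whose 16-bit length word (16) ends the packet. */
static const uint8_t malformed_ext_open[] = { OPEN_PREFIX(0x00, 0x20), 0xff, 0xff, 0x00, 0x10 };
/* 37 bytes: one Capabilities parameter carrying MP-BGP IPv4 unicast. */
static const uint8_t wellformed_open[] = { OPEN_PREFIX(0x00, 0x25), 0x08,
                                           0x02, 0x06, 0x01, 0x04, 0x00, 0x01, 0x00, 0x01 };

int main(void) {   /* exit 0 when the hardened parser rejects the malformed OPEN in bounds */
    struct parse_result r = run_parser(parse_open_checked, malformed_open, sizeof malformed_open);
    return (r.rc == OPEN_ERR_BAD_LENGTH && r.overrun == 0) ? 0 : 1;
}
```

On the 29-byte packet the unchecked parser reports five "options" and the cursor flag shows it read past the end, which is the point at which FRR's stream assertion would have aborted bgpd; the hardened parser rejects both malformed packets without moving the cursor beyond the received bytes, which is what a proper OPEN Message Error notification should be built from, and accepts the well-formed one with its single capability.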
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (base score 6.5, Medium): network attack vector, low attack complexity, low privileges required, no user interaction, unchanged scope; no confidentiality or integrity impact, high availability impact (bgpd crash and restart).
Weakness Enumeration
CWE-125: Out-of-bounds Read
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Frrouting | Frrouting | <= 8.4 |
| Debian | Debian Linux | 10.0 |
| Debian | Debian Linux | 11.0 |
| Debian | Debian Linux | 12.0 |
References
- https://forescout.com (Third Party Advisory)
- https://lists.debian.org/debian-lts-announce/2023/09/msg00020.html (Mailing List, Third Party Advisory)
- https://www.debian.org/security/2023/dsa-5495 (Third Party Advisory)
Frequently Asked Questions
What is CVE-2022-43681?
An out-of-bounds read in bgpd, the BGP daemon of FRRouting FRR through 8.4. A malformed BGP OPEN message that ends right after its option length field makes the parser read past the end of the packet; the daemon aborts with SIGABRT and restarts, so the effect is a Denial of Service against BGP sessions on the affected router.
How severe is CVE-2022-43681?
Medium: CVSS 3.1 base score 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). The only impact is availability; there is no confidentiality or integrity impact. EPSS estimates a 2.11% probability of exploitation in the next 30 days.
How do I fix CVE-2022-43681?
Upgrade FRR to a release later than 8.4 that contains the fix, or install the vendor packages referenced above: DSA-5495 for Debian 12 and the Debian LTS announcement for the older releases. Restricting which source addresses can reach bgpd's TCP port limits who can deliver the malformed OPEN but does not remove the bug.
Are you affected by CVE-2022-43681?
You are affected if you run bgpd from FRR 8.4 or earlier, or the frr packages on Debian 10, 11 or 12 before the updates referenced above.
Source: NVD / NIST
