CVE-2022-36440

Published: Apr 3, 2023

Modified: Aug 3, 2024

PUBLISHED

Description

A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peek_for_as4_capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/spwpun/pocs

https://github.com/spwpun/pocs/blob/main/frr-bgpd.md

FEDORA-2023-14ec79ae02

vendor-advisory

FEDORA-2023-2cb0f34efe

vendor-advisory

FEDORA-2023-77d00facd0

vendor-advisory

DSA-5495

vendor-advisory

[debian-lts-announce] 20230919 [SECURITY] [DLA 3573-1] frr security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-36440

Description

Affected Products

References