An issue was discovered in bgpd in FRRouting (FRR) 8.3....
High severity
Unreviewed
Published
Aug 3, 2022
to the GitHub Advisory Database
•
Updated Apr 28, 2024
Description
Published by the National Vulnerability Database
Aug 2, 2022
Published to the GitHub Advisory Database
Aug 3, 2022
Last updated
Apr 28, 2024
An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is not needed for exploitation.
References