Your submission was sent successfully! Close

CVE-2022-37035

Published: 2 August 2022

An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is not needed for exploitation.

Priority

Medium

CVSS 3 base score: 8.1

Status

Package Release Status
frr
Launchpad, Ubuntu, Debian
bionic Does not exist

focal Needed

jammy
Released (8.1-1ubuntu1.2)
kinetic
Released (8.1-1ubuntu3)
trusty Does not exist

upstream Needs triage

xenial Does not exist

Patches:
upstream: https://github.com/FRRouting/frr/pull/11926
upstream: https://github.com/FRRouting/frr/commit/71ca5b09bc71e8cbe38177cf41e83fe164e52eee