Primary

Context

FRRouting Integer Underflow Vulnerability in BGP UPDATE Message Handling Leading to Denial-of-Service

Vulnerability

Patched

An integer underflow vulnerability has been identified in FRRouting (FRR) versions stable/10.0 to stable/10.6. This vulnerability allows attackers to cause a denial-of-service (DoS) by sending a crafted BGP UPDATE message. The issue arises because the BGP daemon (bgpd) does not properly validate the length of certain TLV (Type-Length-Value) fields, allowing for exploitation.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the BGP process to crash or become unresponsive.

Remediation

Users can upgrade to FRRouting versions later than stable/10.6 to address this vulnerability.

Added: May 4, 2026, 6:29 PM

Updated: May 4, 2026, 6:29 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

8.2

remediation

7.7

relevance

7.4

threat

3.2

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

8.2

remediation

7.7

relevance

7.4

threat

3.2

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

FRRouting Integer Underflow Vulnerability in BGP UPDATE Message Handling Leading to Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

FRRouting

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating