CVE-2022-26125

Опубликовано: 06 фев. 2022

Источник: redhat

CVSS3: 7.8

EPSS Низкий

Описание

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd/isis_tlvs.c.

frrouting is vulnerable to a flaw that can cause buffer overflow through due to incorrect checks on the input packet length when processing type-length-value packets. There is high impact to availability due to the fact that the process up-time can be made unreliable.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 8	frr	Will not fix
Red Hat Enterprise Linux 9	frr	Fixed	RHSA-2022:8112	15.11.2022

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-1284

https://bugzilla.redhat.com/show_bug.cgi?id=2058628frrouting: overflow bugs in unpack_tlv_router_cap

EPSS

Процентиль: 17%

0.00055

Низкий

7.8 High

CVSS3

Связанные уязвимости

CVE-2022-26125

CVSS3: 7.8

ubuntu

больше 3 лет назад

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd/isis_tlvs.c.

CVE-2022-26125

CVSS3: 7.8

nvd

больше 3 лет назад

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd/isis_tlvs.c.

CVE-2022-26125

CVSS3: 7.8

debian

больше 3 лет назад

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due t ...

RLSA-2022:8112

rocky

больше 2 лет назад

Moderate: frr security, bug fix, and enhancement update

GHSA-9hg8-8wq3-mhhg

CVSS3: 7.8

github

больше 3 лет назад

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd/isis_tlvs.c.

EPSS

Процентиль: 17%

0.00055

Низкий

7.8 High

CVSS3