Rensiru

**Nome do Software Vulnerável e Versões Afetadas** osrg GoBGP versões anteriores a 4.4.0 **Descrição** Uma negação de serviço remota pode ocorrer no componente SRv6 L3 Service. O problema existe na função `SRv6L3ServiceAttribute.DecodeFromBytes()` localizada no arquivo `pkg/packet/bgp/prefix sid.go`, onde a manipulação dos dados do argumento desencadeia a falha. **Recomendações** Atualizar para a versão 4.4.0.

**Nome do Software Vulnerável e Versões Afetadas** osrg GoBGP versões anteriores a 4.4.0 **Descrição** Um estouro de buffer (buffer overflow) pode ser desencadeado remotamente no componente AIGP Attribute Parser. O problema reside na função `PathAttributeAigp.DecodeFromBytes()` localizada no arquivo `pkg/packet/bgp/bgp.go`. **Recomendações** Atualizar para a versão 4.4.0.

**Name of the Vulnerable Software and Affected Versions** FRRouting FRR versions up to 10.5.1 **Description** A security issue exists in FRRouting FRR related to improper access controls within the EVPN Type-2 Route Handler component. The issue is located in the `process type2 route` function of the `bgpd/bgp evpn.c` file. The attack can be initiated remotely and is considered difficult to exploit. **Recommendations** Deploy a patch to address this issue.

**Name of the Vulnerable Software and Affected Versions** osrg GoBGP versions through 4.3.0 **Description** A security issue exists in osrg GoBGP up to version 4.3.0. The issue resides in the `DecodeFromBytes` function within the `pkg/packet/bgp/bgp.go` file, specifically in the BGP OPEN Message Handler component. Manipulation of the `domainNameLen` argument can lead to improper access controls. The attack can be initiated remotely and requires a high degree of complexity, with exploitability reported as difficult. **Recommendations** Install the patch 2b09db390a3d455808363c53e409afe6b1b86d2d to address this issue.