Jiahao Lei

**Name of the Vulnerable Software and Affected Versions** FRRouting (FRR) versions stable/10.0 through stable/10.6 **Description** Missing input validation in the MP REACH NLRI component allows authenticated attackers to cause a Denial of Service (DoS) by supplying a crafted UPDATE message. **Recommendations** Update to version 10.6.1-1.1.

**Name of the Vulnerable Software and Affected Versions** FRRouting (FRR) versions 10.0 through 10.6 **Description** An integer underflow occurs when a program calculates a value that is smaller than the minimum value the variable can hold, often wrapping around to a very large number. This issue allows attackers to cause a Denial of Service (DoS) by sending a specially crafted BGP UPDATE message. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FRRouting version stable/10.0 **Description** An off-by-one out-of-bounds write issue exists in the `bgp flowspec op decode()` function located in `bgpd/bgp flowspec util.c`. This flaw allows attackers to trigger a Denial of Service (DoS) by providing a specially crafted FlowSpec component. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.