Name of the Vulnerable Software and Affected Versions:

FRRouting FRR versions through 8.4

Description:

An out-of-bounds read exists in the BGP daemon of FRRouting FRR. When sending a malformed BGP OPEN message that ends with the option length octet (or the option length word, in case of an extended OPEN message), the FRR code reads out of the bounds of the packet, throwing a SIGABRT signal and exiting. This results in a bgpd daemon restart, causing a Denial-of-Service condition. The issue can be exploited by a remote attacker to cause a denial of service.

Recommendations:

For FRRouting FRR versions through 8.4, consider disabling the BGP daemon until a patch is available to prevent exploitation. Restrict access to the BGP daemon to minimize the risk of exploitation. Avoid sending malformed BGP OPEN messages to the affected system until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.