Vulnerability Database

300,445

Total vulnerabilities in the database

CVE-2022-37032

An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c.

Published: Sep 20, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-37032
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.1
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWEs:

CWE-125

Affected Software
References

Software	From	Fixed in
frrouting / frrouting	-	8.4
debian / debian_linux	10.0	10.0.x
debian / debian_linux	11.0	11.0.x

https://bugzilla.suse.com/show_bug.cgi?id=1202023
https://github.com/FRRouting/frr/commit/6d58272b4cf96f0daa846210dd2104877900f921
https://github.com/FRRouting/frr/commit/ff6db1027f8f36df657ff2e5ea167773752537ed
https://lists.debian.org/debian-lts-announce/2022/11/msg00039.html
https://www.debian.org/security/2023/dsa-5362

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo