Description
An integer underflow in FRRouting (FRR) stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message.
Published: 2026-05-04
Score: 7.5 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an integer underflow that occurs when FRRouting processes BGP UPDATE messages. A specially crafted UPDATE can trigger the underflow, causing the routing process to terminate and the router to stop forwarding traffic. This results in a loss of routing availability, effectively dropping network connectivity for any peers that depend on the affected router.

Affected Systems

FRRouting versions in the stable/10.0 through stable/10.6 branches are affected. Any deployment of these versions that accepts BGP UPDATE messages is in scope, regardless of the host operating system.

Risk and Exploitability

The flaw can be exploited remotely by a neighboring router that can send a malformed UPDATE message. Based on the description, it is inferred that the attacker needs an existing BGP session to transmit the crafted UPDATE without additional authentication. The issue is not listed in the CISA KEV catalog, and no EPSS score is available. Because it causes a complete denial of the routing service, the risk to availability is high. The CVSS score of 7.5 indicates a high severity level, underscoring the critical nature of routing services.

Generated by OpenCVE AI on May 5, 2026 at 00:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade FRRouting to a version that includes the integer underflow fix.
  • If an upgrade is not immediately possible, isolate the affected router or temporarily disable its BGP sessions until a patch is available.
  • Implement BGP filtering to reject malformed or unusually large UPDATE messages from neighboring routers.

Generated by OpenCVE AI on May 5, 2026 at 00:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 05 May 2026 00:45:00 +0000

Type Values Removed Values Added
Title Integer Underflow in FRRouting Leads to Denial of Service via Crafted BGP UPDATE

Mon, 04 May 2026 22:15:00 +0000

Type Values Removed Values Added
Title Integer Underflow in FRRouting BGP Update Processing Causing Denial of Service
Weaknesses CWE-193

Mon, 04 May 2026 20:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-400
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 04 May 2026 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Frrouting
Frrouting frrouting
Vendors & Products Frrouting
Frrouting frrouting

Mon, 04 May 2026 19:30:00 +0000

Type Values Removed Values Added
Title Integer Underflow in FRRouting BGP Update Processing Causing Denial of Service
Weaknesses CWE-193

Mon, 04 May 2026 17:45:00 +0000

Type Values Removed Values Added
Description An integer underflow in FRRouting (FRR) stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message.
References

Subscriptions

Frrouting Frrouting
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-04T19:48:06.779Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-37459

cve-icon Vulnrichment

Updated: 2026-05-04T19:48:03.199Z

cve-icon NVD

Status : Received

Published: 2026-05-04T18:16:28.807

Modified: 2026-05-04T20:16:18.413

Link: CVE-2026-37459

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-05T00:30:11Z

Weaknesses