Description
Missing input validation in the rfapiRibBi2Ri() function (rfapi_rib.c) of FRRouting (FRR) stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message.
Published: 2026-06-03
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

FRRouting (FRR) implements a function rfapiRibBi2Ri() that processes BGP UPDATE messages without proper input validation. An attacker can craft a malformed BGP UPDATE packet and send it to an FRR instance, triggering a crash or memory corruption that results in a denial of service. The core weakness is an improper input validation flaw (CWE-20), leading to availability loss for the network service.

Affected Systems

FRRouting (FRR) stable release series 10.0 through 10.6 are affected. Any deployment of FRR within this version range that accepts BGP UPDATE messages is vulnerable.

Risk and Exploitability

The CVSS score of 7.5 indicates a high-severity disruption risk for the network service. The EPSS score of < 1% suggests a very low likelihood of exploitation. It is not listed in the CISA KEV catalog. Based on the description, the attack can be performed remotely by an entity with network access to the FRR instance, using crafted BGP UPDATE packets to cause a denial of service. The availability impact can affect network reachability and routing stability, potentially disrupting all services that rely on the affected FRR instance.

Generated by OpenCVE AI on June 5, 2026 at 22:13 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the patch corresponding to commit 7676cad65114aa23adde58 or merge pull request 21098 to resolve the input validation issue in rfapiRibBi2Ri()
  • Upgrade FRRouting to a release newer than stable/10.6 that contains the patch
  • Implement BGP message filtering to reject malformed UPDATE packets before they reach FRRouting


Advisories

No advisories yet.

History

Fri, 05 Jun 2026 22:30:00 +0000

Type: Title
Values: Denial of Service via Crafted BGP UPDATE in FRRouting rfapiRibBi2Ri Function

Fri, 05 Jun 2026 20:30:00 +0000

Type: Title
Values: Denial of Service via Missing Input Validation for BGP UPDATE in FRRouting
Type: Weaknesses
Values: CWE-20

Fri, 05 Jun 2026 18:30:00 +0000

Type: Weaknesses
Values: CWE-20
Type: Metrics
Values:
  cvssV3_1: score 7.5, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  ssvc (version 2.0.3): Automatable: yes, Exploitation: none, Technical Impact: partial

Fri, 05 Jun 2026 09:00:00 +0000

Type: First Time appeared
Values: Frrouting, Frrouting frrouting
Type: Vendors & Products
Values: Frrouting, Frrouting frrouting

Wed, 03 Jun 2026 16:15:00 +0000

Type: Title
Values: Denial of Service via Missing Input Validation for BGP UPDATE in FRRouting
Type: Weaknesses
Values: CWE-20

Wed, 03 Jun 2026 14:15:00 +0000

Type: Description
Values: Missing input validation in the rfapiRibBi2Ri() function (rfapi_rib.c) of FRRouting (FRR) stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message.
Type: References

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-06-05T16:50:29.989Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-37460

Vulnrichment

Updated: 2026-06-04T18:03:33.094Z

NVD

Status: Awaiting Analysis

Published: 2026-06-03T14:16:42.897

Modified: 2026-06-05T18:17:17.087

Link: CVE-2026-37460

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-05T22:15:06Z

Weaknesses
  • CWE-20: Improper Input Validation