Vulnerability Details : CVE-2022-26127
A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to missing a check on the input packet length in the babel_packet_examin function in babeld/message.c.
Vulnerability category: OverflowInput validation
Products affected by CVE-2022-26127
- cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-26127
0.09%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 41 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-26127
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2022-26127
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by:
- nvd@nist.gov (Primary)
- secalert@redhat.com (Secondary)
-
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.Assigned by: nvd@nist.gov (Primary)
References for CVE-2022-26127
-
https://github.com/FRRouting/frr/issues/10487
Miss a check on length in Babel · Issue #10487 · FRRouting/frr · GitHubExploit;Issue Tracking;Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html
[SECURITY] [DLA 3797-1] frr security update
Jump to