CVE-2026-37461

FRRouting · FRRouting (FRR)

An out-of-bounds read vulnerability exists in the ParseIP6Extended function of the FRRouting (FRR) BGP component.

Executive summary

A high-severity out-of-bounds read vulnerability in the FRRouting BGP component could lead to service disruption or memory exposure.

Vulnerability

The vulnerability is an out-of-bounds read located in the ParseIP6Extended function within the BGP routing component. This can be triggered by a specially crafted packet, causing the application to crash or potentially leak sensitive information from memory.

Business impact

The CVSS score of 7.5 reflects a High-severity risk. Routing protocols are essential for network stability; a crash or compromise in FRR could lead to significant network instability, routing loops, or denial-of-service (DoS) conditions.

Remediation

Immediate Action: Update FRRouting to the latest stable release containing the fix for the BGP parsing component.

Proactive Monitoring: Monitor BGP process stability and check system logs for segmentation faults or abnormal memory usage.

Compensating Controls: Use network-level filtering to ensure that only trusted BGP peers can communicate with the FRR instance.
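
The Proactive Monitoring step can be automated with a log scan like the following, an added example that is not part of the original advisory or of FRRouting's code. It assumes syslog lines that begin with an ISO-8601 timestamp and a BGP daemon logging under the process name bgpd; the crash patterns, function names and sample lines are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Assumed crash signatures for FRR's BGP daemon (bgpd); adjust to your log format.
CRASH_PATTERNS = [
    re.compile(r"\bbgpd\[\d+\]: segfault at\b"),          # Linux kernel fault report
    re.compile(r"\bbgpd\b.*Received signal (6|7|11)\b"),  # daemon's fatal-signal log
]
TIMESTAMP = re.compile(r"^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})")

# Constructed sample lines, not taken from a real incident.
SAMPLE_LOG = """\
2026-01-10T03:14:07 rtr1 bgpd[2211]: neighbor 2001:db8::1 session established
2026-01-10T03:15:42 rtr1 kernel: bgpd[2211]: segfault at 10 ip 000055d0c0de1000 sp 00007ffd0000a000 error 4 in bgpd
2026-01-10T03:15:50 rtr1 bgpd[2290]: neighbor 2001:db8::1 session established
2026-01-10T03:19:05 rtr1 bgpd[2290]: Received signal 11 at 1768015145; aborting...
2026-01-10T09:40:00 rtr1 ospfd[950]: Received signal 11 at 1768038000; aborting...
2026-01-10T15:02:11 rtr1 kernel: bgpd[3105]: segfault at 18 ip 000055d0c0de1000 sp 00007ffd0000b000 error 4 in bgpd
"""

def find_crashes(lines):
    """Return (timestamp, line) for each line matching a bgpd crash signature."""
    hits = []
    for line in lines:
        ts = TIMESTAMP.match(line)
        if ts and any(p.search(line) for p in CRASH_PATTERNS):
            hits.append((datetime.fromisoformat(ts.group(1)), line.rstrip()))
    return hits

def crash_bursts(hits, window=timedelta(minutes=10), threshold=2):
    """Return start times of windows with >= threshold crashes.

    One crash may be an ordinary bug; repeated crashes shortly after the
    session comes back up suggest a peer keeps sending the triggering input.
    """
    times = sorted(t for t, _ in hits)
    bursts = []
    for i, start in enumerate(times):
        count = sum(1 for t in times[i:] if t - start <= window)
        if count >= threshold and (not bursts or start - bursts[-1] > window):
            bursts.append(start)
    return bursts

if __name__ == "__main__":
    crashes = find_crashes(SAMPLE_LOG.splitlines())
    for when, line in crashes:
        print("CRASH", when.isoformat(), line)
    for start in crash_bursts(crashes):
        print("BURST starting", start.isoformat(), "- review BGP peers active at that time")
```

A burst is the signal worth alerting on: correlate its start time with the BGP sessions that were established just before it and with the peer filtering described under Compensating Controls.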

Exploitation status

Public Exploit Available: false

Analyst recommendation

Network infrastructure components must be maintained at the latest patch levels. Given the risk to BGP stability, administrators should verify their FRRouting versions and update immediately to mitigate the potential for DoS attacks.