SecuritySpace - CVE-2022-37035

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2022-37035

Description: An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is not needed for exploitation.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2022-37035
https://docs.google.com/document/d/1TqYEcZbFeDTMKe2N4XRFwyAjw_mynIHfvzwbx1fmJj8/edit?usp=sharing
https://github.com/FRRouting/frr/issues/11698
https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html

CVE ID:	CVE-2022-37035
Description:	An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is not needed for exploitation.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2022-37035 https://docs.google.com/document/d/1TqYEcZbFeDTMKe2N4XRFwyAjw_mynIHfvzwbx1fmJj8/edit?usp=sharing https://github.com/FRRouting/frr/issues/11698 https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html