CVE-2019-5892
moderate-risk
Published 2019-01-10
bgpd in FRRouting FRR (aka Free Range Routing) 2.x and 3.x before 3.0.4, 4.x before 4.0.1, 5.x before 5.0.2, and 6.x before 6.0.2 (not affecting Cumulus Linux or VyOS), when ENABLE_BGP_VNC is used for Virtual Network Control, allows remote attackers to cause a denial of service (peering session flap) via attribute 255 in a BGP UPDATE packet. This occurred during Disco in January 2019 because FRR does not implement RFC 7606 (Revised Error Handling for BGP UPDATE Messages); UPDATE packets carrying attribute 255 were therefore treated as invalid VNC data and the BGP session was closed.
Do I need to act?
EPSS: 3.6% chance of exploitation in the next 30 days (moderate exploit probability)
CISA KEV: not listed; no confirmed active exploitation reported to CISA
Patch status: unknown; check vendor advisories for fix availability and mitigation guidance
CVSS: 6.5/10 (Medium), attack vector NETWORK / LOW complexity
References (14)
Vendor Advisory: https://frrouting.org/community/security/cve-2019-5892.html
Release Notes: https://github.com/FRRouting/frr/releases/tag/frr-3.0.4
Release Notes: https://github.com/FRRouting/frr/releases/tag/frr-4.0.1
Release Notes: https://github.com/FRRouting/frr/releases/tag/frr-5.0.2
Release Notes: https://github.com/FRRouting/frr/releases/tag/frr-6.0.2
Risk score: 38 / 100 (moderate-risk)
Severity: 24/34 · High
Exploitability: 7/34 · Low
Exposure: 7/34 · Low