{"api_version":"1","generated_at":"2026-04-23T01:33:15+00:00","cve":"CVE-2022-43681","urls":{"html":"https://cve.report/CVE-2022-43681","api":"https://cve.report/api/cve/CVE-2022-43681.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-43681","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-43681"},"summary":{"title":"CVE-2022-43681","description":"An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet (or the option length word, in case of an extended OPEN message), the FRR code reads of out of the bounds of the packet, throwing a SIGABRT signal and exiting. This results in a bgpd daemon restart, causing a Denial-of-Service condition.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2023-05-03 12:16:00","updated_at":"2023-09-19 22:15:00"},"problem_types":["CWE-125"],"metrics":[],"references":[{"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00020.html","name":"[debian-lts-announce] 20230919 [SECURITY] [DLA 3573-1] frr security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 3573-1] frr security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.debian.org/security/2023/dsa-5495","name":"DSA-5495","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-5495-1 frr","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://forescout.com","name":"https://forescout.com","refsource":"MISC","tags":[],"title":"Forescout – Automated Cybersecurity Across Your Digital Terrain","mime":"text/html","httpstatus":"403","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-43681","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-43681","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"43681","vulnerable":"1","versionEndIncluding":"8.4","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"frrouting","cpe5":"frrouting","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-43681","qid":"161127","title":"Oracle Enterprise Linux Security Update for frr (ELSA-2023-6434)"},{"cve":"CVE-2022-43681","qid":"242282","title":"Red Hat Update for frr (RHSA-2023:6434)"},{"cve":"CVE-2022-43681","qid":"6000142","title":"Debian Security Update for frr (DLA 3573-1)"},{"cve":"CVE-2022-43681","qid":"6000208","title":"Debian Security Update for frr (DSA 5495-1)"},{"cve":"CVE-2022-43681","qid":"941350","title":"AlmaLinux Security Update for frr (ALSA-2023:6434)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2022-43681","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet (or the option length word, in case of an extended OPEN message), the FRR code reads of out of the bounds of the packet, throwing a SIGABRT signal and exiting. This results in a bgpd daemon restart, causing a Denial-of-Service condition."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://forescout.com","refsource":"MISC","name":"https://forescout.com"},{"refsource":"DEBIAN","name":"DSA-5495","url":"https://www.debian.org/security/2023/dsa-5495"},{"refsource":"MLIST","name":"[debian-lts-announce] 20230919 [SECURITY] [DLA 3573-1] frr security update","url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00020.html"}]}},"nvd":{"publishedDate":"2023-05-03 12:16:00","lastModifiedDate":"2023-09-19 22:15:00","problem_types":["CWE-125"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*","versionEndIncluding":"8.4","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}