CVE-2019-5892

MEDIUM

Frrouting < 2.0.2 - Interpretation Conflict

Title source: rule

Description

bgpd in FRRouting FRR (aka Free Range Routing) 2.x and 3.x before 3.0.4, 4.x before 4.0.1, 5.x before 5.0.2, and 6.x before 6.0.2 (not affecting Cumulus Linux or VyOS), when ENABLE_BGP_VNC is used for Virtual Network Control, allows remote attackers to cause a denial of service (peering session flap) via attribute 255 in a BGP UPDATE packet. This occurred during Disco in January 2019 because FRR does not implement RFC 7606, and therefore the packets with 255 were considered invalid VNC data and the BGP session was closed.

References (7)

[Release Notes, Third Party Advisory] https://github.com/FRRouting/frr/releases/tag/frr-3.0.4

[Patch, Vendor Advisory] https://lists.frrouting.org/pipermail/frog/2019-January/000404.html

[Release Notes, Third Party Advisory] https://github.com/FRRouting/frr/releases/tag/frr-5.0.2

[Release Notes, Third Party Advisory] https://github.com/FRRouting/frr/releases/tag/frr-6.0.2

[Patch, Third Party Advisory] https://github.com/FRRouting/frr/commit/943d595a018e69b550db08cccba1d0778a86705a

View Patch ZIP pw:eip

[Vendor Advisory] https://frrouting.org/community/security/cve-2019-5892.html

[Release Notes, Third Party Advisory] https://github.com/FRRouting/frr/releases/tag/frr-4.0.1

Scores

CVSS v3 6.5

EPSS 0.0360

EPSS Percentile 87.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-436

Status published

Products (2)

frrouting/frrouting 4.0

frrouting/frrouting 2.0 - 2.0.2

Published Jan 10, 2019

Tracked Since Feb 18, 2026