glvd logo
glvd logo
Garden Linux Vulnerability Database
CVE Description

"A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/bgp_evpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is reported as difficult. The identifier of the patch is 7676cad65114aa23adde583d91d9d29e2debd045. To fix this issue, it is recommended to deploy a patch."

Metadata

Vulnerability Status Published Date Modified Date Ingested Date
Awaiting Analysis 2026-03-30T06:16:05.510 2026-03-30T13:26:07.647 2026-03-30 13:26:07.647+00

CVSS Scores

CVSS Version Base Score DEB CVSS Severity Vector String
4.0 2.3 MEDIUM CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
3.1 4.2 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
2 3.6 MEDIUM AV:N/AC:H/Au:S/C:N/I:P/A:P

Affected Linux Images

Distro Version Source Package Package Version Is Vulnerable Is fixed in Version
gardenlinux metal-cilium-k3s-osc-vhost-1435.0-4a8f67f4 frr 9.0.1-0gardenlinux1 true 10.6.0-2
gardenlinux metal-cilium-k3s-osc-1435.0-4a8f67f4 frr 9.0.1-0gardenlinux1 true 10.6.0-2
gardenlinux metal-cilium-k3s-osc-vhost-1461.0-e82c34ca frr 9.0.2-0gardenlinux0 true 10.6.0-2
gardenlinux metal-cilium-k3s-osc-1461.0-e82c34ca frr 9.0.2-0gardenlinux0 true 10.6.0-2
gardenlinux metal-cilium-k3s-osc-vhost-1504.0-6aac186b frr 10.0-2gardenlinux0 true 10.6.0-2
gardenlinux metal-cilium-k3s-osc-1504.0-6aac186b frr 10.0-2gardenlinux0 true 10.6.0-2
gardenlinux metal-cilium-k3s-osc-vhost-1510.0-0eb2d8b0 frr 10.0-2gardenlinux0 true 10.6.0-2
gardenlinux metal-cilium-k3s-osc-1510.0-0eb2d8b0 frr 10.0-2gardenlinux0 true 10.6.0-2
gardenlinux metal-cilium-k3s-osc-vhost-1569.0-5a8afbfa frr 10.0-2gardenlinux0 true 10.6.0-2
gardenlinux metal-cilium-k3s-osc-1569.0-5a8afbfa frr 10.0-2gardenlinux0 true 10.6.0-2
gardenlinux metal-cilium-k3s-osc-vhost-1605.0-490ed850 frr 10.0.1-0.1gardenlinux0 true 10.6.0-2
gardenlinux metal-cilium-k3s-osc-1605.0-490ed850 frr 10.0.1-0.1gardenlinux0 true 10.6.0-2
gardenlinux metal-cilium-k3s-osc-ucode-vhost-1721.0-9802b525 frr 10.1.1-0.1gl0 true 10.6.0-2
gardenlinux metal-cilium-k3s-osc-ucode-1721.0-9802b525 frr 10.1.1-0.1gl0 true 10.6.0-2
debian_linux 13 frr 10.3-3 true 10.6.0-2
debian_linux 12 frr 8.4.4-1.1~deb12u1 true 10.6.0-2
gardenlinux metal-cilium-k3s-osc-router-ucode-1721.0-9802b525 frr 10.1.1-0.1gl0 true 10.6.0-2
gardenlinux metal-cilium-k3s-osc-ucode-vhost-1862.0-6be879c6 frr 10.3-0gl1 true 10.6.0-2
gardenlinux metal-cilium-k3s-osc-ucode-1862.0-6be879c6 frr 10.3-0gl1 true 10.6.0-2
gardenlinux metal-cilium-k3s-osc-router-ucode-1862.0-6be879c6 frr 10.3-0gl1 true 10.6.0-2
debian_linux 14 frr 10.6.0-2 true 10.6.0-2