Skip to main content

Frr CVE-2026-5107

| EUVDEUVD-2026-17060 LOW
Improper Access Control (CWE-284)
2026-03-30 VulDB
2.3
CVSS 4.0 · NVD
Temporal: 4.0

Severity by source

NVD PRIMARY
2.3 LOW
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CIRCL (temporal)
4.0 MEDIUM
cvss
SUSE
3.6 LOW
AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
Red Hat
4.2 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
EUVD ID Assigned
Mar 30, 2026 - 05:45 euvd
EUVD-2026-17060
Analysis Generated
Mar 30, 2026 - 05:45 vuln.today
Patch released
Mar 30, 2026 - 05:45 nvd
Patch available
CVE Published
Mar 30, 2026 - 05:00 nvd
LOW 2.3

DescriptionCVE.org

A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/bgp_evpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is reported as difficult. The identifier of the patch is 7676cad65114aa23adde583d91d9d29e2debd045. To fix this issue, it is recommended to deploy a patch.

AnalysisAI

Remote improper access control in FRRouting FRR up to version 10.5.1 allows authenticated remote attackers to bypass authorization checks in the EVPN Type-2 Route Handler (process_type2_route function), potentially leading to integrity and availability impacts. The vulnerability requires high attack complexity and authenticated access (PR:L), limiting immediate exploitation risk. An upstream fix (commit 7676cad65114aa23adde583d91d9d29e2debd045) is available; no public exploit code or active CISA KEV designation identified at time of analysis.

Technical ContextAI

FRRouting (FRR) is a free and open-source Internet routing protocol daemon suite implementing BGP, OSPF, RIP, ISIS, and other protocols on Unix-like platforms. The vulnerability exists in the EVPN (Ethernet VPN) Type-2 Route Handler within bgpd/bgp_evpn.c, specifically in the process_type2_route function. CWE-284 (Improper Access Control - Permissions, Privileges, and Other Access Controls) indicates the root cause is a failure to properly restrict access to or modification of resources. The affected component processes BGP EVPN Type-2 routes, which are used in MPLS-based Ethernet VPNs for MAC/IP advertisement. The improper access control likely allows an authenticated BGP peer to manipulate route processing logic beyond intended authorization boundaries.

RemediationAI

Upstream fix available via commit 7676cad65114aa23adde583d91d9d29e2debd045 in FRRouting's GitHub repository. Users should update FRR to the next stable release after 10.5.1 that incorporates this commit (exact version number to be confirmed by consulting FRR release notes at https://github.com/FRRouting/frr/releases). For immediate protection pending a stable release, apply the commit directly via cherry-pick or await the next tagged release. Organizations can reduce exposure by implementing strict BGP peer authentication, limiting BGP session acceptance to trusted peers only, and monitoring BGP route advertisements for anomalies. No vendor-provided workaround independent of patching is documented.

Vendor StatusVendor

Debian

Bug #1132329
frr
Release Status Fixed Version Urgency
bullseye vulnerable 7.5.1-1.1+deb11u2 -
bullseye (security) vulnerable 7.5.1-1.1+deb11u4 -
bookworm, bookworm (security) vulnerable 8.4.4-1.1~deb12u1 -
trixie vulnerable 10.3-3 -
forky vulnerable 10.5.3-1 -
sid fixed 10.6.0-2 -
(unstable) fixed 10.6.0-2 -

SUSE

Severity: Low
Product Status
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Server Applications 15 SP7 Fixed
SUSE Linux Enterprise Server 15 SP7 Fixed
SUSE Linux Enterprise Server 16.0 Fixed
SUSE Linux Enterprise Server 16.1 Fixed

Share

CVE-2026-5107 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy