Severity by source
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
A weakness has been identified in osrg GoBGP up to 4.3.0. This impacts the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go. Executing a manipulation of the argument data[1] can lead to off-by-one. The attack may be launched remotely. Attacks of this nature are highly complex. The exploitability is said to be difficult. This patch is called 67c059413470df64bc20801c46f64058e88f800f. A patch should be applied to remediate this issue.
AnalysisAI
Denial of service in osrg GoBGP up to version 4.3.0 via off-by-one error in the DecodeFromBytes function allows remote, unauthenticated attackers to crash the BGP daemon through manipulation of packet data, resulting in availability impact. The vulnerability requires high attack complexity and has difficult exploitability; no public exploit code or active exploitation is currently confirmed, though a patch is available from the vendor.
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Vulnerability AssessmentAI
| Risk Assessment | This vulnerability presents low-to-moderate real-world risk despite network-reachable attack vector. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with network access to a GoBGP instance (either via direct BGP peering or if GoBGP is internet-exposed) sends a specially crafted BGP message with a malicious data[1] value that triggers the off-by-one boundary condition in DecodeFromBytes. This causes the GoBGP process to access memory beyond the intended buffer bounds, resulting in a segmentation fault or similar memory violation that crashes the BGP daemon and disrupts routing services. … |
| Remediation | Upgrade osrg GoBGP to a version incorporating commit 67c059413470df64bc20801c46f64058e88f800f or later. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
An issue was discovered in GoBGP before 3.35.0. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitab
Buffer overflow in GoBGP's AIGP Attribute Parser allows remote unauthenticated attackers to manipulate the PathAttribute
An issue was discovered in GoBGP before 3.35.0. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploit
An issue was discovered in GoBGP before 3.35.0. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploit
Improper access controls in osrg GoBGP up to version 4.3.0 allow remote attackers to bypass authentication via manipulat
Improper access control in osrg GoBGP up to 4.3.0 allows remote attackers to manipulate the domainNameLen parameter in B
An issue was discovered in GoBGP before 3.35.0. Rated medium severity (CVSS 4.3), this vulnerability is no authenticatio
Same weakness CWE-193 – Off-by-one Error
View allSame technique Information Disclosure
View allVendor StatusVendor
Debian
| Release | Status | Fixed Version | Urgency |
|---|---|---|---|
| bullseye | vulnerable | 2.25.0-2 | - |
| bookworm | vulnerable | 3.10.0-1 | - |
| trixie | vulnerable | 3.36.0-2 | - |
| forky, sid | vulnerable | 4.3.0-1 | - |
| (unstable) | fixed | (unfixed) | - |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-17109