What the vulnerability does
01Description
An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family).
CVSS base score
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
What the vulnerability does
An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family).
Key dates
External resources
Related vulnerabilities