CVE-2026-5124 in GoBGP
要約 (英語)
A security vulnerability has been detected in osrg GoBGP up to 4.3.0. Affected is the function BGPHeader.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP Header Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. The attack is considered to have high complexity. The exploitability is told to be difficult. The identifier of the patch is f0f24a2a901cbf159260698211ab15c583ced131. To fix this issue, it is recommended to deploy a patch.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
公開
2026年03月30日
ステータス
確認済み
エントリ
VulDB provides additional information and datapoints for this CVE:
| 識別子 | 脆弱性 | CWE | 悪用可 | 対策 | CVE |
|---|---|---|---|---|---|
| 354156 | osrg GoBGP BGP Header bgp.go BGPHeader.DecodeFromBytes 特権昇格 | 284 | 未定義 | 公式な修正 | CVE-2026-5124 |