| 제목 | GoBGP 4.3.0 Improper Handling of Length Parameter Inconsistency |
|---|
| 설명 | A vulnerability was found in GoBGP 4.3.0 in the FQDN capability decoder used during BGP OPEN message processing. It has been classified as improper handling of length parameter inconsistency. The issue is located in pkg/packet/bgp/bgp.go in the function CapFQDN.DecodeFromBytes().
The parser correctly uses HostNameLen to decode the HostName field, but it does not properly use DomainNameLen when decoding the DomainName field. Instead, the implementation reads all remaining bytes in the capability buffer as the domain name.
An attacker able to supply a crafted BGP OPEN message containing an FQDN capability can cause additional trailing capability data or padding bytes to be interpreted as part of the domain name. This may lead to incorrect domain name parsing, capability decode inconsistencies, and misleading log or debug output.
The vulnerability appears to be primarily a protocol parsing correctness issue rather than a direct memory safety issue, because the read remains within the provided buffer bounds. The affected file is pkg/packet/bgp/bgp.go and the affected function is CapFQDN.DecodeFromBytes(). |
|---|
| 원천 | ⚠️ https://github.com/osrg/gobgp/commit/2b09db390a3d455808363c53e409afe6b1b86d2d |
|---|
| 사용자 | rensiru (UID 96440) |
|---|
| 제출 | 2026. 03. 14. AM 08:44 (17 날 ago) |
|---|
| 모더레이션 | 2026. 03. 30. AM 09:46 (16 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 354154 [osrg GoBGP 까지 4.3.0 BGP OPEN Message pkg/packet/bgp/bgp.go DecodeFromBytes domainNameLen 권한 상승] |
|---|
| 포인트들 | 20 |
|---|