| Название | GoBGP 4.3.0 Improper Handling of Length Parameter Inconsistency |
|---|
| Описание | A vulnerability was found in GoBGP 4.3.0 in the FQDN capability decoder used during BGP OPEN message processing. It has been classified as improper handling of length parameter inconsistency. The issue is located in pkg/packet/bgp/bgp.go in the function CapFQDN.DecodeFromBytes().
The parser correctly uses HostNameLen to decode the HostName field, but it does not properly use DomainNameLen when decoding the DomainName field. Instead, the implementation reads all remaining bytes in the capability buffer as the domain name.
An attacker able to supply a crafted BGP OPEN message containing an FQDN capability can cause additional trailing capability data or padding bytes to be interpreted as part of the domain name. This may lead to incorrect domain name parsing, capability decode inconsistencies, and misleading log or debug output.
The vulnerability appears to be primarily a protocol parsing correctness issue rather than a direct memory safety issue, because the read remains within the provided buffer bounds. The affected file is pkg/packet/bgp/bgp.go and the affected function is CapFQDN.DecodeFromBytes(). |
|---|
| Источник | ⚠️ https://github.com/osrg/gobgp/commit/2b09db390a3d455808363c53e409afe6b1b86d2d |
|---|
| Пользователь | rensiru (UID 96440) |
|---|
| Представление | 14.03.2026 08:44 (18 дни назад) |
|---|
| Модерация | 30.03.2026 09:46 (16 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 354154 [osrg GoBGP до 4.3.0 BGP OPEN Message pkg/packet/bgp/bgp.go DecodeFromBytes domainNameLen эскалация привилегий] |
|---|
| Баллы | 20 |
|---|