Wiz
Vulnerability DatabaseCVE-2022-26127

CVE-2022-26127
Linux Debian vulnerability analysis and mitigation

Overview

A buffer overflow vulnerability (CVE-2022-26127) was identified in FRRouting through version 8.1.0. The vulnerability exists due to missing a check on the input packet length in the babel_packet_examin function located in babeld/message.c (Debian Security).

Technical details

The vulnerability stems from a missing validation check between packetlen and bodylen parameters before accessing memory in the babel_packet_examin function. The code fails to verify the relationship between these parameters, which can lead to buffer overflow conditions when accessing memory at specific locations in the code. The issue can be triggered when processing malformed network packets (GitHub Issue).

Impact

The vulnerability could allow an attacker to cause buffer overflow conditions, potentially leading to remote code execution or system crashes. When exploited, the issue can result in denial of service conditions affecting the FRRouting service (Ubuntu Security).

Mitigation and workarounds

The vulnerability has been patched in various distributions. Debian has released security updates (7.5.1-1.1+deb11u4 for bullseye), Ubuntu has provided fixes (7.2.1-1ubuntu0.2+esm2 for Ubuntu 20.04), and upstream FRRouting has addressed the issue. Users are advised to upgrade to the latest patched versions (Debian LTS).

Additional resources

SourceThis report was generated using AI

Related Linux Debian vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-33230HIGH7.3
  • Linux DebianLinux Debian
  • nvidia-cuda-toolkit
NoNoJan 20, 2026
CVE-2025-33229HIGH7.3
  • Linux DebianLinux Debian
  • nvidia-cuda-toolkit
NoNoJan 20, 2026
CVE-2025-33228HIGH7.3
  • Linux DebianLinux Debian
  • nvidia-cuda-toolkit
NoNoJan 20, 2026
CVE-2025-33231MEDIUM6.7
  • Linux DebianLinux Debian
  • nvidia-cuda-toolkit
NoNoJan 20, 2026
CVE-2025-15281N/AN/A
  • WolfiWolfi
  • glibc-langpack-anp
NoYesJan 20, 2026

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo