CVE-2024-44070: 
CBL Mariner vulnerability analysis and mitigation

An issue was discovered in FRRouting (FRR) through version 10.1, where the bgpattrencap function in bgpd/bgp_attr.c fails to verify the actual remaining stream length before processing TLV values (NVD, Ubuntu).

The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (High) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, indicating a network-accessible vulnerability requiring no privileges or user interaction to exploit. The issue specifically affects the BGP attribute handling functionality in the FRRouting suite (NVD).

The vulnerability can be exploited by a remote attacker to cause FRRouting to crash, resulting in a denial of service condition. The impact is primarily focused on availability, with no direct effect on confidentiality or integrity (Ubuntu Security Notice).

The issue has been fixed in multiple versions across different distributions. Ubuntu has released patches for versions 24.10 (10.0.1-0.1ubuntu3), 24.04 (8.4.4-1.1ubuntu6.3), 22.04 (8.1-1ubuntu1.13), and 20.04 (7.2.1-1ubuntu0.2+esm3). Users are advised to update their systems to the patched versions (Ubuntu Security Notice).