CVE-2025-7464: Out-of-Bounds Read in osrg GoBGP
A vulnerability classified as problematic has been found in osrg GoBGP up to 3.37.0. Affected is the function SplitRTR in the file pkg/packet/rtr/rtr.go. The manipulation leads to an out-of-bounds read. The attack can be launched remotely. The attack complexity is rather high, and exploitation is reported to be difficult. The patch is commit e748f43496d74946d14fed85c776452e47b99d64. Applying the patch is recommended to fix this issue.
AI Analysis
Technical Summary
CVE-2025-7464 is a medium-severity vulnerability identified in the osrg GoBGP software, versions up to 3.37.0. GoBGP is an open-source implementation of the Border Gateway Protocol (BGP), widely used for routing decisions on the internet and within large enterprise networks. The vulnerability exists in the SplitRTR function within the pkg/packet/rtr/rtr.go source file. Specifically, it is an out-of-bounds read flaw, which occurs when the function improperly handles input data, allowing it to read memory beyond the intended buffer boundaries. This can lead to information disclosure or potentially cause the application to behave unpredictably. The vulnerability can be exploited remotely without authentication or user interaction, but the attack complexity is considered high and exploitation is difficult, indicating that a skilled attacker would be required to successfully leverage this flaw. No known exploits are currently reported in the wild. The issue was patched in commit e748f43496d74946d14fed85c776452e47b99d64. The CVSS 4.0 vector (AV:N/AC:H/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X) reflects a network attack vector with high attack complexity, no privileges or user interaction required, no impact on confidentiality or integrity, and a low impact on availability. This suggests the primary risk is limited information leakage or minor disruption rather than full system compromise. Given GoBGP’s role in routing infrastructure, exploitation could potentially affect network stability or leak routing information if successfully triggered.
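The page does not reproduce the affected code or the patch, so the following is an added illustration and not GoBGP's code: a `bufio.SplitFunc` that frames RTR PDUs (8-byte header with a 32-bit big-endian length in bytes 4 to 7, per RFC 8210) and validates the declared length before slicing. The names `splitRTRChecked`, `scanPDUs` and `errBadLen`, and the 65535-byte cap, are assumptions made for the example.

```go
package main

import (
	"bufio"
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

const rtrHeaderLen = 8     // version(1) type(1) session/zero(2) length(4)
const rtrMaxPDULen = 65535 // assumed local cap, not a protocol constant
var errBadLen = errors.New("rtr: invalid PDU length")

// splitRTRChecked is a hypothetical bounds-checked framing function.
func splitRTRChecked(data []byte, atEOF bool) (int, []byte, error) {
	need := uint32(rtrHeaderLen)
	if len(data) >= rtrHeaderLen {
		// Only now is the length field data[4:8] inside the buffer.
		need = binary.BigEndian.Uint32(data[4:8])
		if need < rtrHeaderLen || need > rtrMaxPDULen {
			return 0, nil, fmt.Errorf("%w: %d", errBadLen, need)
		}
	}
	if uint32(len(data)) >= need {
		return int(need), data[:need], nil // whole PDU is buffered
	}
	if atEOF && len(data) > 0 {
		return 0, nil, io.ErrUnexpectedEOF // stream ended mid-PDU
	}
	return 0, nil, nil // ask the Scanner for more bytes
}

// scanPDUs frames a byte stream and returns the PDUs plus any framing error.
func scanPDUs(stream []byte) ([][]byte, error) {
	sc := bufio.NewScanner(bytes.NewReader(stream))
	sc.Split(splitRTRChecked)
	var pdus [][]byte
	for sc.Scan() {
		pdus = append(pdus, append([]byte(nil), sc.Bytes()...))
	}
	return pdus, sc.Err()
}

func main() {
	// Constructed sample: one Reset Query PDU (type 2, length 8), then 3 stray bytes.
	pdus, err := scanPDUs([]byte{1, 2, 0, 0, 0, 0, 0, 8, 1, 2, 0})
	fmt.Println(len(pdus), err)
}
```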
Potential Impact
For European organizations, the impact of this vulnerability depends largely on their use of GoBGP in critical network infrastructure. Many ISPs, cloud providers, and large enterprises in Europe rely on BGP implementations for routing traffic across their networks. An out-of-bounds read vulnerability could allow attackers to glean sensitive routing information or cause instability in routing processes, potentially leading to degraded network performance or outages. While the vulnerability does not directly enable code execution or privilege escalation, any disruption in BGP routing can have cascading effects on network availability and reliability. European organizations with complex, large-scale networks or those operating internet exchange points (IXPs) are particularly at risk. Additionally, the high complexity and difficulty of exploitation reduce the likelihood of widespread attacks but do not eliminate targeted attacks against high-value infrastructure. The lack of known exploits in the wild currently limits immediate risk, but proactive patching is critical to prevent future exploitation attempts.
Mitigation Recommendations
European organizations should prioritize applying the official patch identified by commit e748f43496d74946d14fed85c776452e47b99d64 to all affected GoBGP instances. Network administrators should audit their environments to identify all GoBGP deployments, including embedded systems and network appliances that may use GoBGP internally. Implement strict input validation and monitoring on BGP sessions to detect anomalous or malformed packets that could trigger the vulnerability. Employ network segmentation and access controls to limit exposure of BGP routers to untrusted networks, reducing the attack surface. Regularly update and patch routing software as part of a robust vulnerability management program. Additionally, monitoring network traffic for unusual routing updates or instability can help detect exploitation attempts early. Given the high complexity of exploitation, investing in threat intelligence and anomaly detection focused on BGP behavior is recommended to enhance detection capabilities.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Italy, Spain, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-07-11T11:50:08.558Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 6875696ba83201eaaccaa8c1
Added to database: 7/14/2025, 8:32:43 PM
Last enriched: 7/14/2025, 8:33:17 PM
Last updated: 8/17/2025, 3:56:39 PM