CVE-2026-7734
Denial of Service in GoBGP SRv6 L3 Service
Publication date: 2026-05-04
Last updated on: 2026-05-06
Assigner: VulDB
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| osrg | gobgp | up to 4.4.0 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-404 | The product does not release or incorrectly releases a resource before it is made available for re-use. |
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability CVE-2026-7734 is an issue in the GoBGP software, specifically in the decoding functions of the SRv6 L3 Service component. It occurs in the SRv6L3ServiceAttribute.DecodeFromBytes method when the attribute data contains a sub-TLV of an unknown type. Because unknown sub-TLV types are handled incorrectly, the function enters an infinite loop, repeatedly processing the same bytes without advancing, and the BGP daemon becomes unresponsive.
This infinite loop happens because the code advances the wrong variable when skipping unknown sub-TLVs, which prevents the loop iterator from moving forward. The problem affects GoBGP versions up to 4.3.0 and can be triggered remotely.
Upgrading to version 4.4.0 fixes this issue by correcting the variable advancement during decoding.
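To make the bug class concrete, the following is an added Go example, not GoBGP's own code: a sub-TLV decoder in which the loop cursor is the only position variable and is advanced before the known/unknown branch, plus a no-progress check as defence in depth. The 1-byte type / 2-byte length wire layout, the allow-list of known type codes (1 and 2), and the sample bytes are all constructed for this example and do not reproduce the real SRv6 L3 Service encoding.

```go
package main

import (
	"errors"
	"fmt"
)

// Assumed (constructed for this example) sub-TLV wire layout:
// 1-byte type, 2-byte big-endian length, then `length` bytes of value.
const hdrLen = 3

// SubTLV is one decoded sub-TLV.
type SubTLV struct {
	Type  uint8
	Value []byte
}

var (
	ErrTruncated  = errors.New("sub-TLV header or value runs past end of data")
	ErrNoProgress = errors.New("decoder did not advance; aborting to avoid a spin")
)

// knownSubTLVTypes is a constructed allow-list; real SRv6 sub-TLV codes are
// not reproduced here.
var knownSubTLVTypes = map[uint8]bool{1: true, 2: true}

// decodeSubTLVs walks a sub-TLV list. `off` is the only cursor and is
// advanced before the known/unknown branch, so an unknown type cannot leave
// it where it was. The progress check is defence in depth: if a later edit
// ever stalls the cursor, the call fails instead of hanging the daemon.
func decodeSubTLVs(data []byte) (known []SubTLV, skipped int, err error) {
	for off := 0; off < len(data); {
		start := off
		if len(data)-off < hdrLen {
			return nil, 0, ErrTruncated
		}
		typ := data[off]
		length := int(data[off+1])<<8 | int(data[off+2])
		if len(data)-off-hdrLen < length {
			return nil, 0, ErrTruncated
		}
		value := data[off+hdrLen : off+hdrLen+length]
		off += hdrLen + length // advance the same variable the loop condition tests

		if off <= start {
			return nil, 0, ErrNoProgress
		}
		if !knownSubTLVTypes[typ] {
			skipped++ // unknown type: ignore the value; the cursor is already past it
			continue
		}
		known = append(known, SubTLV{Type: typ, Value: value})
	}
	return known, skipped, nil
}

// sampleAttribute is constructed input: known type 1, unknown type 0xFE, known type 2.
var sampleAttribute = []byte{
	0x01, 0x00, 0x04, 0x0a, 0x0b, 0x0c, 0x0d,
	0xfe, 0x00, 0x02, 0x00, 0x00,
	0x02, 0x00, 0x01, 0x07,
}

// unknownOnly builds n consecutive zero-length sub-TLVs of an unknown type,
// the input shape a decoder that never advances past unknown types would spin on.
func unknownOnly(n int) []byte {
	b := make([]byte, 0, n*hdrLen)
	for i := 0; i < n; i++ {
		b = append(b, 0xfe, 0x00, 0x00)
	}
	return b
}

func main() {
	known, skipped, err := decodeSubTLVs(sampleAttribute)
	fmt.Printf("known=%v skipped=%d err=%v\n", known, skipped, err)
	_, skipped, err = decodeSubTLVs(unknownOnly(1000))
	fmt.Printf("unknown-only: skipped=%d err=%v\n", skipped, err)
	_, _, err = decodeSubTLVs(sampleAttribute[:9]) // header cut short
	fmt.Println("truncated:", err)
}
```

The design point is that the skip path and the parse path share one cursor update placed before either branch, so there is no second index to get out of step; the `unknownOnly` input is the regression case a test suite for such a decoder should keep, since it terminates only if the cursor really moves on every iteration.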
How can this vulnerability impact me?
This vulnerability can cause a denial of service (DoS) condition by making the GoBGP daemon unresponsive. Since the BGP daemon is responsible for routing decisions, an unresponsive daemon can disrupt network routing and connectivity.
An attacker can exploit this remotely, potentially causing network outages or degraded network performance by triggering the infinite loop in the decoding function.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability causes the GoBGP daemon to enter an infinite loop when it decodes a malformed SRv6 L3 Service attribute, leaving the daemon unresponsive.
Detection relies on monitoring the GoBGP process for unresponsiveness or sustained high CPU usage, since a tight decoding loop typically pins a core while BGP sessions stop being serviced.
Additionally, packet capture and inspection tools can be used to look for BGP UPDATE messages carrying SRv6 L3 Service attributes with unknown or malformed sub-TLVs, which is the input that triggers the loop.
- Use system monitoring commands like `top` or `htop` to check if the GoBGP daemon process is consuming excessive CPU or is unresponsive.
- Use `ps aux | grep gobgp` to check the status of the GoBGP process.
- Capture BGP traffic with `tcpdump -i <interface> port 179 -w gobgp_traffic.pcap` and analyze it with Wireshark or similar tools to look for malformed SRv6 L3 Service attributes.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to upgrade the GoBGP software to version 4.4.0 or later, where this vulnerability has been fixed.
Until the upgrade can be performed, consider restricting or filtering BGP traffic from untrusted sources to prevent malicious packets that exploit this vulnerability.
Monitoring the GoBGP daemon for signs of unresponsiveness and restarting the service if necessary can help maintain availability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not include any details about the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.