CVE-2026-7736
Awaiting Analysis Awaiting Analysis - Queue
Integer Underflow in GoBGP

Publication date: 2026-05-04

Last updated on: 2026-05-06

Assigner: VulDB

Description
A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this issue. This patch is called 76d911046344a3923cbe573364197aa081944592. It is suggested to upgrade the affected component.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-04
Last Modified
2026-05-06
Generated
2026-06-16
AI Q&A
2026-05-04
EPSS Evaluated
2026-06-15
NVD
CVE-2026-7736
EUVD
EUVD-2026-26916
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
osrg gobgp to 4.4.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-189
CWE-191 The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the osrg GoBGP software up to version 4.3.0, specifically in the parseRibEntry function of the file pkg/packet/mrt/mrt.go. It involves an integer underflow caused by missing bounds checks in the path attribute loop, which can be triggered by manipulating input data. This flaw allows an attacker to cause unexpected behavior during the parsing of BGP routing information.

The vulnerability can be exploited remotely, meaning an attacker does not need local access to launch the attack. The issue was fixed in version 4.4.0 by adding proper validation checks to prevent the underflow and ensure malformed input is handled safely.

Compliance Impact

The provided information does not include any details on how this vulnerability impacts compliance with common standards or regulations such as GDPR or HIPAA.

Impact Analysis

Exploiting this vulnerability can lead to integer underflow during the processing of BGP routing information, which may cause the GoBGP software to behave incorrectly or crash. This can disrupt network routing operations, potentially leading to denial of service or instability in network communications.

Since the attack can be launched remotely without authentication, it poses a significant risk to network infrastructure relying on vulnerable versions of GoBGP.

Detection Guidance

This vulnerability affects the parseRibEntry function in GoBGP versions up to 4.3.0 and involves an integer underflow triggered by malformed MRT packets. Detection would involve monitoring GoBGP logs for errors related to MRT packet parsing or unexpected crashes.

Since the vulnerability is in GoBGP's MRT packet parsing, you can check the GoBGP version running on your system to identify if it is vulnerable.

  • Check GoBGP version: `gobgp version`
  • Monitor GoBGP logs for errors related to MRT parsing or crashes.
  • Use network packet capture tools (e.g., tcpdump or Wireshark) to inspect BGP MRT packets for malformed attributes that could trigger the vulnerability.
Mitigation Strategies

The primary mitigation step is to upgrade GoBGP to version 4.4.0 or later, which includes the patch that fixes the integer underflow vulnerability in the parseRibEntry function.

Until the upgrade can be applied, consider monitoring and filtering suspicious MRT packets that could exploit the vulnerability, although no specific workaround commands are provided.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-7736. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart