UBUNTU-CVE-2026-5107
- Source
- https://ubuntu.com/security/CVE-2026-5107
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-5107.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-5107
- Upstream
- Downstream
- Related
- Published
- 2026-03-30T06:16:00Z
- Modified
- 2026-05-30T17:15:05.446982158Z
- Severity
-
- 4.2 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L CVSS Calculator
- 4.2 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L CVSS Calculator
- 2.3 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function processtype2route of the file bgpd/bgp_evpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is reported as difficult. The identifier of the patch is 7676cad65114aa23adde583d91d9d29e2debd045. To fix this issue, it is recommended to deploy a patch.
- References
Affected packages
Ubuntu:20.04:LTS
quagga
Package
- Name
- quagga
- Purl
- pkg:deb/ubuntu/quagga?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "quagga",
"binary_version": "1.2.4-4ubuntu0.5"
},
{
"binary_name": "quagga-bgpd",
"binary_version": "1.2.4-4ubuntu0.5"
},
{
"binary_name": "quagga-core",
"binary_version": "1.2.4-4ubuntu0.5"
},
{
"binary_name": "quagga-isisd",
"binary_version": "1.2.4-4ubuntu0.5"
},
{
"binary_name": "quagga-ospf6d",
"binary_version": "1.2.4-4ubuntu0.5"
},
{
"binary_name": "quagga-ospfd",
"binary_version": "1.2.4-4ubuntu0.5"
},
{
"binary_name": "quagga-pimd",
"binary_version": "1.2.4-4ubuntu0.5"
},
{
"binary_name": "quagga-ripd",
"binary_version": "1.2.4-4ubuntu0.5"
},
{
"binary_name": "quagga-ripngd",
"binary_version": "1.2.4-4ubuntu0.5"
}
]
}Ubuntu:22.04:LTS
frr
Package
- Name
- frr
- Purl
- pkg:deb/ubuntu/frr?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.1-1ubuntu1.15
Affected versions
7.*
7.5.1-1.1
8.*
8.1-1
8.1-1ubuntu1
8.1-1ubuntu1.1
8.1-1ubuntu1.2
8.1-1ubuntu1.3
8.1-1ubuntu1.4
8.1-1ubuntu1.5
8.1-1ubuntu1.6
8.1-1ubuntu1.7
8.1-1ubuntu1.8
8.1-1ubuntu1.9
8.1-1ubuntu1.10
8.1-1ubuntu1.11
8.1-1ubuntu1.13
8.1-1ubuntu1.14
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "frr",
"binary_version": "8.1-1ubuntu1.15"
},
{
"binary_name": "frr-pythontools",
"binary_version": "8.1-1ubuntu1.15"
},
{
"binary_name": "frr-rpki-rtrlib",
"binary_version": "8.1-1ubuntu1.15"
},
{
"binary_name": "frr-snmp",
"binary_version": "8.1-1ubuntu1.15"
}
]
}Ubuntu:24.04:LTS
frr
Package
- Name
- frr
- Purl
- pkg:deb/ubuntu/frr?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.4.4-1.1ubuntu6.6
Affected versions
8.*
8.4.4-1.1ubuntu1
8.4.4-1.1ubuntu3
8.4.4-1.1ubuntu4
8.4.4-1.1ubuntu5
8.4.4-1.1ubuntu6
8.4.4-1.1ubuntu6.1
8.4.4-1.1ubuntu6.2
8.4.4-1.1ubuntu6.3
8.4.4-1.1ubuntu6.4
8.4.4-1.1ubuntu6.5
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "frr",
"binary_version": "8.4.4-1.1ubuntu6.6"
},
{
"binary_name": "frr-pythontools",
"binary_version": "8.4.4-1.1ubuntu6.6"
},
{
"binary_name": "frr-rpki-rtrlib",
"binary_version": "8.4.4-1.1ubuntu6.6"
},
{
"binary_name": "frr-snmp",
"binary_version": "8.4.4-1.1ubuntu6.6"
}
]
}Ubuntu:25.10
frr
Package
- Name
- frr
- Purl
- pkg:deb/ubuntu/frr?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.4.1-3ubuntu1.2
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "frr",
"binary_version": "10.4.1-3ubuntu1.2"
},
{
"binary_name": "frr-pythontools",
"binary_version": "10.4.1-3ubuntu1.2"
},
{
"binary_name": "frr-rpki-rtrlib",
"binary_version": "10.4.1-3ubuntu1.2"
},
{
"binary_name": "frr-snmp",
"binary_version": "10.4.1-3ubuntu1.2"
}
]
}Ubuntu:Pro:16.04:LTS
quagga
Package
- Name
- quagga
- Purl
- pkg:deb/ubuntu/quagga?arch=source&distro=esm-infra%2Fxenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0.*
0.99.24.1-2
0.99.24.1-2ubuntu1
0.99.24.1-2ubuntu1.1
0.99.24.1-2ubuntu1.2
0.99.24.1-2ubuntu1.3
0.99.24.1-2ubuntu1.4
0.99.24.1-2ubuntu1.4+esm1
Ubuntu:Pro:18.04:LTS
quagga
Package
- Name
- quagga
- Purl
- pkg:deb/ubuntu/quagga?arch=source&distro=esm-infra%2Fbionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.1.1-3
1.1.1-3ubuntu1
1.2.2-1
1.2.2-1ubuntu1
1.2.4-1
1.2.4-1ubuntu0.1~esm1
1.2.4-1ubuntu0.1~esm2
Ecosystem specific
{
"binaries": [
{
"binary_name": "quagga",
"binary_version": "1.2.4-1ubuntu0.1~esm2"
},
{
"binary_name": "quagga-bgpd",
"binary_version": "1.2.4-1ubuntu0.1~esm2"
},
{
"binary_name": "quagga-core",
"binary_version": "1.2.4-1ubuntu0.1~esm2"
},
{
"binary_name": "quagga-isisd",
"binary_version": "1.2.4-1ubuntu0.1~esm2"
},
{
"binary_name": "quagga-ospf6d",
"binary_version": "1.2.4-1ubuntu0.1~esm2"
},
{
"binary_name": "quagga-ospfd",
"binary_version": "1.2.4-1ubuntu0.1~esm2"
},
{
"binary_name": "quagga-pimd",
"binary_version": "1.2.4-1ubuntu0.1~esm2"
},
{
"binary_name": "quagga-ripd",
"binary_version": "1.2.4-1ubuntu0.1~esm2"
},
{
"binary_name": "quagga-ripngd",
"binary_version": "1.2.4-1ubuntu0.1~esm2"
}
]
}Ubuntu:Pro:20.04:LTS
frr
Package
- Name
- frr
- Purl
- pkg:deb/ubuntu/frr?arch=source&distro=esm-apps%2Ffocal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7.2.1-1ubuntu0.2+esm4
Affected versions
6.*
6.0.2-2build2
7.*
7.2-1ubuntu1
7.2-1ubuntu2
7.2.1-1
7.2.1-1ubuntu0.1
7.2.1-1ubuntu0.2
7.2.1-1ubuntu0.2+esm1
7.2.1-1ubuntu0.2+esm2
7.2.1-1ubuntu0.2+esm3
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "frr",
"binary_version": "7.2.1-1ubuntu0.2+esm4"
},
{
"binary_name": "frr-pythontools",
"binary_version": "7.2.1-1ubuntu0.2+esm4"
},
{
"binary_name": "frr-rpki-rtrlib",
"binary_version": "7.2.1-1ubuntu0.2+esm4"
},
{
"binary_name": "frr-snmp",
"binary_version": "7.2.1-1ubuntu0.2+esm4"
}
]
}