CVE-2025-43972
CVE Details
Visit the official vulnerability details page for CVE-2025-43972 to learn more.
Initial Publication
04/22/2025
Last Update
09/04/2025
Third Party Dependency
github.com/osrg/gobgp/v3
NIST CVE Summary
An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context.
CVE Severity
Our Official Summary
This is a denial-of-service vulnerability in GoBGP versions prior to 3.35.0. It allows a remote attacker to crash the GoBGP process by sending a malformed Flowspec NLRI packet that is under 20 bytes—resulting in a panic due to out-of-bounds slice access in pkg/packet/bgp/bgp.go.
There are no known instances of projects using these components such as kube-vip and calico being affected by this CVE, as this happens only under specific circumstances.
The risk of exploitation is considered low, as it requires both knowledge of the configuration and privileged access to the services using the BGP component. The impact if compromised is considered medium as it could affect cluster network and access depending on the configuration.
Upstream patches addressing these issues are available and will be adopted to remediate the vulnerabilities.
Status
Ongoing
Affected Products & Versions
| Version | Palette Enterprise | Palette Enterprise Airgap | VerteX | VerteX Airgap |
|---|---|---|---|---|
| 4.7.16 | ⚠️ Impacted | ✅ No Impact | ⚠️ Impacted | ⚠️ Impacted |
| 4.6.41 | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted |
Revision History
| Date | Revision |
|---|---|
| 08/18/2025 | Official summary revised: This is a denial-of-service vulnerability in GoBGP versions prior to 3.35.0. It allows a remote attacker to crash the GoBGP process by sending a malformed Flowspec NLRI packet that is under 20 bytes—resulting in a panic due to out-of-bounds slice access in pkg/packet/bgp/bgp.go.There are no known instances of projects using these components such as kube-vip and calico being affected by this CVE, as this happens only under specific circumstances.The risk of exploitation is considered low, as it requires both knowledge of the configuration and privileged access to the services using the BGP component. The impact if compromised is considered medium as it could affect cluster network and access depending on the configuration.Upstream patches addressing these issues are available and will be adopted to remediate the vulnerabilities. |
| 08/12/2025 | Official summary revised: By sending fewer than 20 bytes of data under specific conditions, an attacker can trigger an application crash. This vulnerability may result in a denial of service, affecting the availability of the BGP service and potentially disrupting network operations.The risk of exploitation is considered low, as it requires both knowledge of the configuration and privileged access to the containers. Additionally, the impact is limited due to containerization, which restricts the attack surface. Upstream patches addressing these issues are available and will be adopted to remediate the vulnerabilities. |
| 05/20/2025 | Status changed from Open to Ongoing |
| 05/15/2025 | Advisory severity revised to HIGH from |