An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is not needed for exploitation. CREATE(Triage):(User=admin) CVE-2022-37035 (https://nvd.nist.gov/vuln/detail/CVE-2022-37035)
