We have replayed the vulnerability in the vyos 3.13.11-1 device versions. And We perform debugging analysis on this vulnerability version. Because we have not obtained the new version of the device, this vulnerability may exist in the device of a higher version, please check.
There are three vulnerability, and it is caused by a Use-After-Free and an insufficient check of null pointer.
And then I may need you to provide an email and I will provide POC and a detailed vulnerability report. Here is my email: [email protected]