An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in which all bytes are available for an RTR message.
A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.