CVE-2024-31951

Published: 07 Apr. 2024
Source: debian
EPSS: Low

Description

In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (lengths are not validated).

Packages

| Package | Status | Fixed version | Release | Type |
|---|---|---|---|---|
| frr | fixed | 10.0.1-0.1 | | package |
| frr | not-affected | | bullseye | package |
| frr | not-affected | | buster | package |

Notes

  • https://github.com/FRRouting/frr/pull/15674/

  • https://github.com/FRRouting/frr/commit/f69d1313b19047d3d83fc2b36a518355b861dfc4

  • https://github.com/FRRouting/frr/commit/5557a289acdaeec8cc63ffc97b5c2abf6dee7b3a

  • https://github.com/FRRouting/frr/commit/8c177d69e32b91b45bda5fc5da6511fa03dc11ca

  • https://github.com/FRRouting/frr/commit/e08495a4a8ad4d2050691d9e5e13662d2635b2e0

  • vulnerable feature introduced in https://github.com/FRRouting/frr/commit/f173deb35206a09e8dc22828cb08638e289b72a5 (first shipped with 8.0)

EPSS

Percentile: 13%
0.00045
Low

Related vulnerabilities

CVSS3: 6.5
ubuntu
about 1 year ago

In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (lengths are not validated).

CVSS3: 7
redhat
about 1 year ago

In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (lengths are not validated).

CVSS3: 6.5
nvd
about 1 year ago

In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (lengths are not validated).

CVSS3: 6.5
msrc
10 months ago

No description available

CVSS3: 6.5
github
about 1 year ago

In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (lengths are not validated).
