CVE-2024-31948

Опубликовано: 07 апр. 2024

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash.

Ссылки

https://github.com/FRRouting/frr/pull/15628
Issue Tracking
Third Party Advisory
https://github.com/FRRouting/frr/pull/15628/commits/ba6a8f1a31e1a88df2de69ea46068e8bd9b97138
Patch
https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html
Mailing List
https://github.com/FRRouting/frr/pull/15628
Issue Tracking
Third Party Advisory
https://github.com/FRRouting/frr/pull/15628/commits/ba6a8f1a31e1a88df2de69ea46068e8bd9b97138
Patch
https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html
Mailing List

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*

Версия до 9.1 (включая)

EPSS

Процентиль: 24%

0.00078

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-1287

Связанные уязвимости

CVE-2024-31948

CVSS3: 6.5

ubuntu

около 1 года назад

In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash.

CVE-2024-31948

CVSS3: 6.5

redhat

около 1 года назад

In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash.

CVE-2024-31948

CVSS3: 6.5

debian

около 1 года назад

In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix S ...

SUSE-SU-2024:1475-1

suse-cvrf

около 1 года назад

Security update for frr

GHSA-56vm-qxhc-5p2f

CVSS3: 6.5

github

около 1 года назад

In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash.

EPSS

Процентиль: 24%

0.00078

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-1287