Description
In FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ri for OSPF LSA packets during an attempt to read Segment Routing subTLVs (their size is not validated).
A buffer overflow vulnerability was found in FRRouting. There can be a buffer overflow and daemon crash in ospf_te_parse_ri for OSPF LSA packets during an attempt to read Segment Routing subTLVs.
Report
The buffer overflow vulnerability in FRRouting's ospf_te_parse_ri function, specifically when processing OSPF LSA packets containing Segment Routing subTLVs, is classified as a moderate severity issue. While buffer overflows can potentially lead to arbitrary code execution or daemon crashes, this particular vulnerability requires an attacker to send specially crafted OSPF LSA packets to the vulnerable component. Exploiting this vulnerability requires knowledge of the network topology and access to send malicious OSPF packets, making it more challenging for remote attackers to exploit. However, within an affected network, an attacker with the capability to send crafted OSPF packets could potentially disrupt the OSPF routing process or cause the FRRouting daemon to crash, leading to service interruptions or denial of service conditions.
Mitigation
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Affected packages
Platform | Package | State | Recommendation | Release |
---|---|---|---|---|
Red Hat Enterprise Linux 8 | frr | Will not fix | | |
Red Hat Enterprise Linux 9 | frr | Will not fix | | |
Additional information
Status:
CVSS3: 7 High