Описание
FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospf_opaque_lsa_dump function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) under specific malformed LSA conditions.
A NULL pointer dereference vulnerability was found in FRRouting within the ospf_opaque_lsa_dump function within ospf_opaque.c. When the OSPF daemon (ospfd) has the debug command debug ospf packet all send/recv detail enabled, it attempts to dump detailed information for received or sent OSPF packets. Under specific malformed LSA conditions, the function may dereference a NULL pointer, leading to a crash of the OSPF process and resulting in a Denial of Service (DoS).
Отчет
This issue is rated Moderate rather than Important because it depends on a very specific and non-default runtime condition for exploitation. The vulnerable code path is only reachable when OSPF detailed packet debugging (debug ospf packet all send/recv detail) is explicitly enabled, which is typically used for temporary diagnostic purposes and not in production environments. In normal operation, the affected function is not invoked, thereby significantly reducing exposure. Furthermore, the flaw leads solely to a NULL pointer dereference, causing a crash of the ospfd process without memory corruption or control-flow hijacking potential.
Меры по смягчению последствий
No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | frr | Fix deferred | ||
| Red Hat Enterprise Linux 8 | frr | Fix deferred | ||
| Red Hat Enterprise Linux 9 | frr | Fix deferred |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
5.9 Medium
CVSS3
Связанные уязвимости
FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospf_opaque_lsa_dump function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) under specific malformed LSA conditions.
FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospf_opaque_lsa_dump function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) under specific malformed LSA conditions.
FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospf_opaque_lsa_dump function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) under specific malformed LSA conditions.
FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NU ...
FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospf_opaque_lsa_dump function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) under specific malformed LSA conditions.
5.9 Medium
CVSS3