Description
FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_rmt_itf_addr function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.
A NULL pointer dereference vulnerability was found in FRRouting, in the show_vty_ext_link_rmt_itf_addr function in ospf_ext.c. When the OSPF daemon (ospfd) is configured with the debug command debug ospf packet all send/recv detail, it attempts to display detailed information about OSPF packets. However, for certain malformed OSPF packets, the function may attempt to access a NULL pointer.
Statement
This issue is rated Moderate rather than Important because it depends on a very specific and non-default runtime condition for exploitation. The vulnerable code path is only reachable when OSPF detailed packet debugging (debug ospf packet all send/recv detail) is explicitly enabled, which is typically used for temporary diagnostic purposes and not in production environments. In normal operation, the affected function is not invoked, thereby significantly reducing exposure. Furthermore, the flaw leads solely to a NULL pointer dereference, causing a crash of the ospfd process without memory corruption or control-flow hijacking potential.
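An exposure check for the condition described above, as an added example that is not part of the original advisory or of FRRouting: it scans a saved FRR configuration for enabled OSPF packet debugging that includes the detail keyword. The command grammar encoded in the regular expression and the sample configuration are assumptions constructed for illustration.

```python
import re

# Assumed grammar of the FRR debug command (not taken from the advisory):
#   debug ospf [INSTANCE] packet TYPE [send|recv] [detail]
DEBUG_RE = re.compile(
    r"^debug\s+ospf(?:\s+(?P<inst>\d+))?\s+packet\s+"
    r"(?P<ptype>hello|dd|ls-request|ls-update|ls-ack|all)"
    r"(?:\s+(?P<dir>send|recv))?(?P<detail>\s+detail)?\s*$"
)


def find_detail_debug(config_text):
    """Return one finding per line that enables detailed OSPF packet debugging."""
    findings = []
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        line = raw.strip()
        # Skip blanks and comment lines; "no debug ..." never matches ^debug.
        if not line or line[0] in "!#":
            continue
        m = DEBUG_RE.match(line)
        if m and m.group("detail"):
            findings.append({
                "line": lineno,
                "instance": m.group("inst"),           # None = default instance
                "packet_type": m.group("ptype"),
                "direction": m.group("dir") or "send+recv",
                "text": line,
            })
    return findings


# Constructed sample configuration, not taken from a real router.
SAMPLE_CONFIG = """\
! constructed sample
hostname r1
debug ospf packet hello send
debug ospf packet all recv detail
debug ospf 2 packet ls-update detail
! debug ospf packet all send detail
router ospf
 network 10.0.0.0/24 area 0
"""

if __name__ == "__main__":
    for f in find_detail_debug(SAMPLE_CONFIG):
        print(f"line {f['line']}: detail debugging enabled "
              f"({f['packet_type']}, {f['direction']}): {f['text']}")
```

An empty result means the saved configuration does not enable the detailed packet display; debugging turned on interactively in a running session is not visible to this check.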
Mitigation
No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | frr | Fix deferred | | |
| Red Hat Enterprise Linux 8 | frr | Fix deferred | | |
| Red Hat Enterprise Linux 9 | frr | Fix deferred | | |
Additional information
CVSS3: 5.9 Medium