Описание
FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LSA Update packet.
A flaw was found in frr. When the OSPF daemon (ospfd) is configured with the debug command "debug ospf packet all send/recv detail", it attempts to print detailed information about OSPF packets. However, a specially crafted OSPF packet can trigger a NULL pointer dereference in the show_vty_ext_pref_pref_sid function in the ospf_ext.c file, causing the OSPF process to crash and resulting in a denial of service.
Отчет
A very specific and non-default runtime configuration is required to exploit this flaw. The vulnerable code is only reachable when OSPF detailed packet debugging is enabled (debug ospf packet all send/recv detail), which is typically used for temporary diagnostic purposes and not in production environments. In normal operation, the affected function is not invoked, thereby significantly reducing exposure. Furthermore, this flaw can trigger a NULL pointer dereference, causing a crash of the ospfd process without memory corruption or any other security impact.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | frr | Fix deferred | ||
| Red Hat Enterprise Linux 8 | frr | Fix deferred | ||
| Red Hat Enterprise Linux 9 | frr | Fix deferred |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
5.9 Medium
CVSS3
Связанные уязвимости
FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LSA Update packet.
FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LSA Update packet.
FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LSA Update packet.
FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NU ...
FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LSA Update packet.
EPSS
5.9 Medium
CVSS3