CVE-2024-31951
EUVD-2024-2980907.04.2024, 21:15
In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (lengths are not validated).
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| frrouting | frrouting | 𝑥 ≤ 9.1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| frr |
| ||||||||||||
| frr-devel |
| ||||||||||||
| libfrr0 |
| ||||||||||||
| libfrr_pb0 |
| ||||||||||||
| libfrrcares0 |
| ||||||||||||
| libfrrfpm_pb0 |
| ||||||||||||
| libfrrospfapiclient0 |
| ||||||||||||
| libfrrsnmp0 |
| ||||||||||||
| libfrrzmq0 |
| ||||||||||||
| libmgmt_be_nb0 |
| ||||||||||||
| libmlag_pb0 |
|