CVE-2025-61099

FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaque_info_detail function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LS Update packet.
Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector
NIST | NIST | 7.5 HIGH | NETWORK | LOW | NONE | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitre | CNA | --- | ---
CISA-ADP | ADP | 7.5 HIGH | NETWORK | LOW | NONE | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score percentile: 23%
Vendor | Product | Version
frrouting | frrouting | 2.0 ≤ 𝑥 ≤ 10.4.1
𝑥 = Vulnerable software versions
Debian Releases
Debian Product | Codename | Status
frr | bullseye | vulnerable
frr | bullseye (security) | vulnerable
frr | bookworm | vulnerable
frr | bookworm (security) | vulnerable
frr | trixie | vulnerable
frr | forky | vulnerable
frr | sid | vulnerable
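Ubuntu Releases
Ubuntu Product | Codename | Status
frr | questing | deferred
frr | plucky | deferred
frr | noble | deferred
frr | jammy | deferred
frr | focal | deferred
quagga | questing | dne
quagga | plucky | dne
quagga | noble | dne
quagga | jammy | dne
quagga | focal | deferred
quagga | bionic | deferred
quagga | xenial | deferred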