Filtered by vendor Frrouting
Subscribe
Total
48 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-61107 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 7.5 HIGH |
| FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LSA Update packet. | |||||
| CVE-2025-61106 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 7.5 HIGH |
| FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. | |||||
| CVE-2025-61105 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 7.5 HIGH |
| FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_link_info function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. | |||||
| CVE-2025-61104 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 7.5 HIGH |
| FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_unknown_tlv function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. | |||||
| CVE-2025-61103 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 7.5 HIGH |
| FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_lan_adj_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. | |||||
| CVE-2025-61102 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 7.5 HIGH |
| FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_adj_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. | |||||
| CVE-2025-61101 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 7.5 HIGH |
| FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_rmt_itf_addr function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. | |||||
| CVE-2025-61100 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 7.5 HIGH |
| FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospf_opaque_lsa_dump function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) under specific malformed LSA conditions. | |||||
| CVE-2025-61099 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 7.5 HIGH |
| FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaque_info_detail function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LS Update packet. | |||||
| CVE-2024-44070 | 2 Frrouting, Redhat | 2 Frrouting, Enterprise Linux | 2026-06-17 | N/A | 7.5 HIGH |
| An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_encap in bgpd/bgp_attr.c does not check the actual remaining stream length before taking the TLV value. | |||||
| CVE-2024-34088 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 7.5 HIGH |
| In FRRouting (FRR) through 9.1, it is possible for the get_edge() function in ospf_te.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service. | |||||
| CVE-2024-31951 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 6.5 MEDIUM |
| In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (lengths are not validated). | |||||
| CVE-2024-31950 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 6.5 MEDIUM |
| In FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ri for OSPF LSA packets during an attempt to read Segment Routing subTLVs (their size is not validated). | |||||
| CVE-2024-31949 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 6.5 MEDIUM |
| In FRRouting (FRR) through 9.1, an infinite loop can occur when receiving a MP/GR capability as a dynamic capability because malformed data results in a pointer not advancing. | |||||
| CVE-2024-31948 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 6.5 MEDIUM |
| In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash. | |||||
| CVE-2024-27913 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 6.5 MEDIUM |
| ospf_te_parse_te in ospfd/ospf_te.c in FRRouting (FRR) through 9.1 allows remote attackers to cause a denial of service (ospfd daemon crash) via a malformed OSPF LSA packet, because of an attempted access to a missing attribute field. | |||||
| CVE-2023-47235 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 7.5 HIGH |
| An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw outcome. | |||||
| CVE-2023-47234 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 7.5 HIGH |
| An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory path attributes). | |||||
| CVE-2023-46753 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 5.9 MEDIUM |
| An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute. | |||||
| CVE-2023-46752 | 1 Frrouting | 1 Frrouting | 2026-06-17 | N/A | 5.9 MEDIUM |
| An issue was discovered in FRRouting FRR through 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash. | |||||