Lucene search

K
cve[email protected]CVE-2024-31951
HistoryApr 07, 2024 - 9:15 p.m.

CVE-2024-31951

2024-04-0721:15:07
web.nvd.nist.gov
33
cve-2024-31951
opaque lsa extended link
frrouting
daemon crash
ospf_te_parse_ext_link
ospf lsa
segment routing adjacency sid
subtlvs
validation

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (lengths are not validated).

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%