Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isis_nb_notifications.c.
[
{
"vendor": "n/a",
"product": "FRRouting",
"versions": [
{
"version": "through 8.1.0",
"status": "affected"
}
]
}
]
github.com/FRRouting/frr/issues/10505
lists.debian.org/debian-lts-announce/2024/04/msg00019.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MIEQNIWUSBQTFR65HM2LLIB7PH27CZUZ/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VTYSAL4QCE4XWMMBKUB7LSLPAFLWUML4/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XUCZR6RYQVZ35BFUV7OLIUEHZW2433I2/