Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2024-34088
HistoryApr 30, 2024 - 7:15 p.m.

CVE-2024-34088

2024-04-3019:15:23
Debian Security Bug Tracker
security-tracker.debian.org
4
frrouting
ospf
daemon
vulnerability
get_edge()
denial of service

AI Score

7

Confidence

High

EPSS

0

Percentile

9.0%

In FRRouting (FRR) through 9.1, it is possible for the get_edge() function in ospf_te.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service.

OSVersionArchitecturePackageVersionFilename
Debian12allfrr<= 8.4.4-1.1~deb12u1frr_8.4.4-1.1~deb12u1_all.deb
Debian11allfrr< 7.5.1-1.1+deb11u2frr_7.5.1-1.1+deb11u2_all.deb
Debian999allfrr<= 10.0-2frr_10.0-2_all.deb
Debian13allfrr<= 10.0-2frr_10.0-2_all.deb

AI Score

7

Confidence

High

EPSS

0

Percentile

9.0%