SUSE CVE-2026-28532

FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a uint16t accumulator variable truncates uint32t values returned by the TLVSIZE macro, causing the loop termination condition to fail while pointer...

ROS-20251124-02

Vulnerability of the software tool for implementing network routing on Unix-like systems FRRouting is related to insufficient validation of OSPF LSA packets in the ospfteparsete function in ospfd/ospfte.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial...

CVE-2025-61100

FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospfopaquelsadump function at ospfopaque.c. This vulnerability allows attackers to cause a Denial of Service DoS under specific malformed LSA conditions...

UBUNTU-CVE-2024-31950

In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs their size is not validated...

FRRouting Security Vulnerabilities

FRRouting is an open source network routing software suite from the FRRouting Project that runs on Unix-like platforms. A security vulnerability exists in FRRouting 9.1 and earlier versions , the vulnerability stems from a missing attribute field , a remote attacker can cause a denial of service...

Cisco NX-OS Software 缓冲区错误漏洞

Cisco NX-OS Software is a suite of data center-grade operating system software for switches from Cisco. A security vulnerability exists in Cisco NX-OS Software OSPFv3, which stems from incomplete validation of inputs to specific OSPFv3 messages allowing an unauthenticated, remote attacker to...

Cisco IOS and IOS XE Software OSPFv3 Denial of Service Vulnerability

A vulnerability in the Open Shortest Path First version 3 OSPFv3 implementation in Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. The vulnerability is due to incorrect handling of specific OSPFv3 packets. An attacker could...

Quagga: OSPFD Potential remote code exec (stack based buffer overflow)

A stack-based buffer overflow flaw was found in the way the Quagga OSPFD daemon handled LSA link-state advertisement packets. A remote attacker could use this flaw to crash the ospfd daemon resulting in denial of service...

CVE-2013-0149

The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement LSA type 1 packets before performing operations on the LSA database,...

(ospfd): Crash by processing LS-Update OSPF packet due improper length check of the Network-LSA structures

Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service daemon crash via a Link State Update aka LS Update packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the...