CBL Mariner 2.0 Security Update: frr (CVE-2024-31950)

The version of frr installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-31950 advisory. - In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA...

CVE-2024-31950

...

Buffer Overflow

libfrr.so is vulnerable to Buffer Overflow. The vulnerability is due to inadequate validation of the size of Segment Routing subTLVs in ospfteparseri function within ospfte.c. An attacker can trigger this vulnerability by crafting OSPF LSA packets with maliciously crafted Segment Routing subTLVs...

CVE-2024-31950

A buffer overflow vulnerability was found in FRRouting. There can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs. Mitigation Mitigation for this issue is either not available or the currently available options don't me...

CVE-2024-31950

In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs their size is not validated...

CVE-2024-31950

In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs their size is not validated...

CVE-2024-31950

In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs their size is not validated...