CBL Mariner 2.0 Security Update: frr (CVE-2024-31950)

The version of frr installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-31950 advisory. - In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA...

In FRRouting (FRR) through 9.1 there can be a buffer overflow and daemon crash in ospf_te_parse_ri for OSPF LSA packets during an attempt to read Segment Routing subTLVs (their size is not validated).

...

Buffer Overflow

libfrr.so is vulnerable to Buffer Overflow. The vulnerability is due to inadequate validation of the size of Segment Routing subTLVs in ospfteparseri function within ospfte.c. An attacker can trigger this vulnerability by crafting OSPF LSA packets with maliciously crafted Segment Routing subTLVs...

CVE-2024-31951

A buffer overflow vulnerability was found in FRRouting. There can be a buffer overflow and daemon crash in ospfteparseextlink for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs. Mitigation Mitigation for this issue is either not available or the currently availab...

CVE-2024-31950

A buffer overflow vulnerability was found in FRRouting. There can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs. Mitigation Mitigation for this issue is either not available or the currently available options don't me...

CVE-2024-31950

In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs their size is not validated...

DEBIAN-CVE-2024-31950

In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs their size is not validated...

CVE-2024-31950

In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs their size is not validated...

CVE-2024-31950

In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs their size is not validated...

CVE-2024-31950

In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs their size is not validated...

CVE-2024-31951

In the Opaque LSA Extended Link parser in FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseextlink for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs lengths are not validated...

CVE-2024-31951

FRRouting FRR in versions up to 9.1 is affected by CVE-2024-31951 due to a bug in the Opaque LSA Extended Link parser (ospf_te_parse_ext_link) that can trigger a buffer overflow and daemon crash while reading Segment Routing Adjacency SID subTLVs because lengths are not validated. Exploitation st...

CVE-2024-31950

In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs their size is not validated...

CVE-2024-31951

In the Opaque LSA Extended Link parser in FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseextlink for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs lengths are not validated...