History: Apr 07, 2024 - 12:00 a.m.

CVE-2024-31951

Source: ubuntu.com
Tags: cve-2024-31951, frrouting, buffer overflow, ospf, segment routing adjacency, daemon crash

AI Score: 6.9 (Confidence: Low)
EPSS: 0 (Percentile: 9.0%)

In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1,
there can be a buffer overflow and daemon crash in ospf_te_parse_ext_link
for OSPF LSA packets during an attempt to read Segment Routing Adjacency
SID subTLVs (lengths are not validated).
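
The kind of length validation the description says is missing, as an added example (not FRR's code or its patch): a sub-TLV walk that checks each length field against the remaining buffer and against the Adj-SID body size before reading any field. The function name, struct and sample bytes are assumptions constructed for illustration; the type code 2 and the 7- or 8-byte body follow RFC 8665.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TLV_HDR 4         /* 2-byte type + 2-byte length */
#define SUBTLV_ADJ_SID 2  /* Adj-SID Sub-TLV type in RFC 8665 */

struct adj_sid { uint8_t flags, mtid, weight; uint32_t value; };
static struct adj_sid sids[4];

/* Constructed samples: valid Adj-SID (label 16000 plus one pad byte), a
 * length that overruns the buffer, a length too short for an Adj-SID. */
static const uint8_t good[]      = {0,2, 0,7,    0x60,0,0,10, 0x00,0x3E,0x80, 0};
static const uint8_t over[]      = {0,2, 0,0xFF, 0x60,0,0,10, 0x00,0x3E,0x80, 0};
static const uint8_t too_short[] = {0,2, 0,4,    0x60,0,0,10};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Walk the sub-TLVs in buf[0..len). Returns the number of Adj-SIDs copied
 * to out (at most max), or -1 as soon as any sub-TLV is malformed. */
int parse_adj_sids(const uint8_t *buf, size_t len, struct adj_sid *out, int max)
{
    size_t off = 0;
    int n = 0;
    while (off < len) {
        if (len - off < TLV_HDR) return -1;              /* truncated header */
        uint16_t type = rd16(buf + off), vlen = rd16(buf + off + 2);
        size_t padded = ((size_t)vlen + 3) & ~(size_t)3; /* 4-byte alignment */
        if (padded > len - off - TLV_HDR) return -1;     /* value overruns buffer */
        const uint8_t *v = buf + off + TLV_HDR;
        if (type == SUBTLV_ADJ_SID) {
            if (vlen != 7 && vlen != 8) return -1;       /* only valid body sizes */
            if (n == max) return -1;                     /* output array is full */
            struct adj_sid *s = &out[n++];
            s->flags = v[0]; s->mtid = v[2]; s->weight = v[3]; s->value = 0;
            for (int i = 4; i < vlen; i++)               /* 3-byte label or 4-byte index */
                s->value = (s->value << 8) | v[i];
        }                                                /* other types are skipped */
        off += TLV_HDR + padded;
    }
    return n;
}

int main(void)
{
    printf("good=%d overrun=%d short=%d\n",
           parse_adj_sids(good, sizeof good, sids, 4),
           parse_adj_sids(over, sizeof over, sids, 4),
           parse_adj_sids(too_short, sizeof too_short, sids, 4));
    return 0;
}
```
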

Notes

Author: sbeattie
Note: the quagga project was renamed to frr

OS      Version  Architecture  Package  Version               Filename
ubuntu  22.04    noarch        frr      < 8.1-1ubuntu1.10     UNKNOWN
ubuntu  23.10    noarch        frr      < 8.4.4-1.1ubuntu1.4  UNKNOWN
ubuntu  24.04    noarch        frr      < 8.4.4-1.1ubuntu6.1  UNKNOWN
