Lucene search

MitreVULNRICHMENT:CVE-2024-31949

HistoryApr 07, 2024 - 12:00 a.m.

CVE-2024-31949

2024-04-0700:00:00

mitre

github.com

frrouting

infinite loop

vulnerability

dynamic capability

malformed data

AI Score

6.7

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

In FRRouting (FRR) through 9.1, an infinite loop can occur when receiving a MP/GR capability as a dynamic capability because malformed data results in a pointer not advancing.

References

github.com/FRRouting/frr/pull/15640

github.com/FRRouting/frr/pull/15640/commits/30a332dad86fafd2b0b6c61d23de59ed969a219b

lists.debian.org/debian-lts-announce/2024/04/msg00019.html