CVE-2024-31950

In FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ri for OSPF LSA packets during an attempt to read Segment Routing subTLVs (their size is not validated).

Published: Apr 7, 2024
Updated: Apr 8, 2024
CVE: CVE-2024-31950
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
frrouting / frrouting	-	9.1.x

https://github.com/FRRouting/frr/pull/15674/
https://github.com/FRRouting/frr/pull/15674/commits/6b84541df71772f697a7f9e6b2aaf72536aab775

Vulnerability Database

289,599

CVE-2024-31950