Jump to:

CVE-2024-34088

Jump to:

CVE-2024-34088

Package frr updated to version 10.1-alt1 for branch sisyphus in task 355761.

Published: 2024-04-30
Modified: 2025-05-01

CVE-2024-34088

In FRRouting (FRR) through 9.1, it is possible for the get_edge() function in ospf_te.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

https://github.com/FRRouting/frr/pull/15674/commits/34d704fb0ea60dc5063af477a2c11d4884984d4f
https://github.com/FRRouting/frr/pull/15674/commits/34d704fb0ea60dc5063af477a2c11d4884984d4f

Version: 2.1.2

Package frr update in sisyphus on 2024-08-22

ALT-PU-2024-11502-1

Closed vulnerabilities

CVE-2024-34088