CVE-2024-31951

Name of the Vulnerable Software and Affected Versions FRRouting versions through 9.1

Description The issue is related to a buffer overflow in the Opaque LSA Extended Link parser, specifically in the ospf te parse ext link function, when handling OSPF LSA packets with Segment Routing Adjacency SID subTLVs. The lengths of these subTLVs are not validated, which can lead to a daemon crash. This can potentially allow a remote attacker to execute arbitrary code or cause a denial of service.

Recommendations For FRRouting versions through 9.1, as a temporary workaround, consider disabling the ospf te parse ext link function until a patch is available. Restrict access to the Opaque LSA Extended Link Parser component to minimize the risk of exploitation. Avoid using the Segment Routing Adjacency SID subTLVs in OSPF LSA packets until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.