PT-2025-1316 · Frrouting+5

Published 2025-01-06 · Updated 2025-10-03 · CVE-2024-55553

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions: FRRouting versions 6.0 through 10.2.1 (all versions prior to 10.3).
Description: The issue lies in the re-validation of routes in FRRouting's RPKI support. An attacker can force an FRR router that uses RTR (the RPKI-to-Router protocol) to re-parse its RIB by causing more updates during one update interval (usually 30 minutes) than the internal socket buffer holds (default 4K on most OSes). Repeating this keeps the router in continuous route validation, which can degrade the route-handling performance of every FRR instance using RPKI. Each re-validation also produces heightened BMP (BGP Monitoring Protocol) traffic toward ingestors.
Recommendations: Update to FRRouting 10.3 or later. On the maintenance branches, update to 10.0.3 or later (10.0.x), 10.1.2 or later (10.1.x), or 10.2.1 or later (10.2.x); note that 10.2.1 also falls inside the affected range given above, so on the 10.2 branch confirm that the installed build actually contains the fix. As a temporary workaround, restrict the number of RPKI updates delivered to the router per update interval so that continuous route validation is not triggered.
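The following triage helper is an added example, not FRRouting project code. It checks a running FRR version against the fixed versions this advisory lists (treating the stated affected range, through 10.2.1, as authoritative where the advisory also names 10.2.1 as a branch fix), and estimates how many RTR prefix PDUs fit in the 4K receive buffer the advisory mentions, which is the order of magnitude of ROA changes per update interval that trips the re-validation. The `show version` sample text is constructed; the PDU sizes (20 bytes for an IPv4 Prefix PDU, 32 bytes for an IPv6 Prefix PDU) are taken from RFC 6810/8210; `running_version()` assumes `vtysh` is on the PATH.

```python
"""Triage helper for CVE-2024-55553 (FRRouting RPKI re-validation).

Added example, not FRRouting code. Fixed versions and the 4K buffer figure
come from the advisory above; everything else is an assumption noted inline.
"""
import re
import subprocess
import sys

# Affected range per the advisory: 6.0 through 10.2.1, fully fixed in 10.3.
FIRST_AFFECTED = (6, 0, 0)
LAST_AFFECTED = (10, 2, 1)
# Maintenance-branch backports named by the advisory. 10.2.1 is listed both
# as affected and as a 10.2-branch fix; the affected range wins here.
BRANCH_FIXES = {(10, 0): (10, 0, 3), (10, 1): (10, 1, 2)}

# RTR PDU sizes (RFC 6810/8210); receive buffer "default 4K" per the advisory.
IPV4_PDU_LEN = 20
IPV6_PDU_LEN = 32
DEFAULT_RCVBUF = 4096

# Constructed sample of 'vtysh -c "show version"' output (first line matters).
SAMPLE_SHOW_VERSION = (
    "FRRouting 10.2.1 (r1) on Linux(6.1.0-18-amd64).\n"
    "Copyright 1996-2005 Kunihiro Ishiguro, et al.\n"
)


def parse_version(text):
    """Return (major, minor, patch) from 'show version' output or a bare 'X.Y[.Z]'."""
    m = re.search(r"FRRouting\s+(\d+)\.(\d+)(?:\.(\d+))?", text)
    if m is None:
        m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if m is None:
        raise ValueError("no FRRouting version found in input")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def is_vulnerable(version):
    """True if the version is inside the affected range and below its branch fix."""
    if version < FIRST_AFFECTED or version > LAST_AFFECTED:
        return False
    branch_fix = BRANCH_FIXES.get(version[:2])
    if branch_fix is not None and version >= branch_fix:
        return False
    return True


def pdus_per_buffer(rcvbuf=DEFAULT_RCVBUF, pdu_len=IPV4_PDU_LEN):
    """Whole prefix PDUs one receive buffer holds.

    More updates than this within one update interval is the condition the
    advisory describes as triggering a full RIB re-validation.
    """
    return rcvbuf // pdu_len


def running_version():
    """Query the local FRR instance through vtysh (assumes vtysh on PATH)."""
    out = subprocess.run(
        ["vtysh", "-c", "show version"],
        capture_output=True, text=True, check=True,
    ).stdout
    return parse_version(out)


def report(version):
    """Human-readable summary for one version tuple."""
    tag = "VULNERABLE" if is_vulnerable(version) else "not affected"
    v4, v6 = pdus_per_buffer(), pdus_per_buffer(pdu_len=IPV6_PDU_LEN)
    return (
        f"FRRouting {'.'.join(map(str, version))}: {tag} to CVE-2024-55553; "
        f"a {DEFAULT_RCVBUF}-byte buffer holds {v4} IPv4 or {v6} IPv6 prefix PDUs"
    )


if __name__ == "__main__":
    # Pass a version string to check offline; with no argument, ask vtysh.
    if len(sys.argv) > 1:
        ver = parse_version(sys.argv[1])
    else:
        try:
            ver = running_version()
        except (OSError, subprocess.CalledProcessError):
            print("vtysh unavailable; checking the constructed sample instead")
            ver = parse_version(SAMPLE_SHOW_VERSION)
    print(report(ver))
```

Run it as `python3 triage.py 10.1.1` for an offline check, or without arguments on the router itself. The branch-fix table is deliberately kept separate from the overall range so that an operator on 10.0.x or 10.1.x is not told to jump to 10.3 when the advisory's own backport is enough.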

Fix

Weakness Enumeration

Improper Resource Release

Related Identifiers

AZL-55066
AZL-55115
BDU:2025-01022
CVE-2024-55553
DLA-4029-1
OPENSUSE-SU-2025:14632-1
SUSE-SU-2025:03274-1
SUSE-SU-2025:03297-1
SUSE-SU-2025:03453-1
USN-7230-2

Affected Products

Debian
Frrouting
Linuxmint
RED OS
Suse
Ubuntu