{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-31948", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-02T01:59:50.550Z", "dateReserved": "2024-04-07T00:00:00", "datePublished": "2024-04-07T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-04-28T07:06:14.531873"}, "descriptions": [{"lang": "en", "value": "In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/FRRouting/frr/pull/15628"}, {"url": "https://github.com/FRRouting/frr/pull/15628/commits/ba6a8f1a31e1a88df2de69ea46068e8bd9b97138"}, {"name": "[debian-lts-announce] 20240428 [SECURITY] [DLA 3797-1] frr security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-31948", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-29T17:23:10.377527Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*"], "vendor": "frrouting", "product": "frrouting", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1287", "description": "CWE-1287 Improper Validation of Specified Type of Input"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:36:15.479Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:59:50.550Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/FRRouting/frr/pull/15628", "tags": ["x_transferred"]}, {"url": "https://github.com/FRRouting/frr/pull/15628/commits/ba6a8f1a31e1a88df2de69ea46068e8bd9b97138", "tags": ["x_transferred"]}, {"name": "[debian-lts-announce] 20240428 [SECURITY] [DLA 3797-1] frr security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html"}]}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-31948", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-06-04T17:36:15.479Z", "dateReserved": "2024-04-07T00:00:00", "datePublished": "2024-04-07T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-04-28T07:06:14.531873"}, "descriptions": [{"lang": "en", "value": "In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/FRRouting/frr/pull/15628"}, {"url": "https://github.com/FRRouting/frr/pull/15628/commits/ba6a8f1a31e1a88df2de69ea46068e8bd9b97138"}, {"name": "[debian-lts-announce] 20240428 [SECURITY] [DLA 3797-1] frr security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-31948", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-29T17:23:10.377527Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*"], "vendor": "frrouting", "product": "frrouting", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1287", "description": "CWE-1287 Improper Validation of Specified Type of Input"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-04-29T17:31:05.520Z"}, "title": "CISA ADP Vulnrichment"}]}}

{"descriptions": [{"lang": "en", "value": "In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash."}, {"lang": "es", "value": "En FRRouting (FRR) hasta 9.1, un atacante que utiliza un atributo SID de prefijo con formato incorrecto en un paquete de BGP UPDATE puede provocar que el daemon bgpd falle."}], "id": "CVE-2024-31948", "lastModified": "2024-11-21T09:14:10.933", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-04-07T21:15:07.423", "references": [{"source": "cve@mitre.org", "url": "https://github.com/FRRouting/frr/pull/15628"}, {"source": "cve@mitre.org", "url": "https://github.com/FRRouting/frr/pull/15628/commits/ba6a8f1a31e1a88df2de69ea46068e8bd9b97138"}, {"source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/FRRouting/frr/pull/15628"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/FRRouting/frr/pull/15628/commits/ba6a8f1a31e1a88df2de69ea46068e8bd9b97138"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1287"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "frr: bgpd daemon crash", "id": "2273982", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273982"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-248", "details": ["In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash.", "An uncaught exception flaw was found in FRRouting. This flaw allows an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet to cause the bgpd daemon to crash."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-31948", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "frr", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "frr", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-07T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-31948\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-31948\nhttps://github.com/FRRouting/frr/pull/15628"], "statement": "The uncaught exception flaw in FRRouting's bgpd daemon, triggered by a malformed Prefix SID attribute in a BGP UPDATE packet, poses a moderate severity risk due to its potential to cause a denial of service (DoS) condition. While the vulnerability results in a crash of the bgpd daemon, leading to disruption of routing services, it primarily affects the availability aspect of the CIA triad (Confidentiality, Integrity, and Availability). Although the flaw does not directly expose sensitive information or allow unauthorized access to the system, the ability to crash a critical routing component could impact network operations and service availability. However, the exploitation requires a targeted and deliberate action by an attacker, limiting its immediate widespread impact compared to high severity vulnerabilities that could lead to data breaches or complete system compromise.", "threat_severity": "Moderate"}