Debian Patches
Status for frr/10.5.2-1
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| upstream/0001-CVE-2025-61xxx.patch | commit b7d9b7aa47627b31e4b50795284408ab6de98660 ospfd: Add null check for vty_out in check_tlv_size Add security check for vty_out. Specifically, Check NULL for vty. If vty is not available, dump info via zlog. Signed-off-by: s1awwhy <seawwhy@163.com> diff --git a/ospfd/ospf_ext.c b/ospfd/ospf_ext.c index c80ad636a1..cef27498b8 100644 | s1awwhy <seawwhy@163.com> | no | | | 2025-08-24 |
| upstream/0002-CVE-2025-61xxx.patch | commit 034e6fe67078810b952630055614ee5710d1196e ospfd: Fix NULL Pointer Deference when dumping link info When the command debug ospf packet all send/recv detail is enabled in the OSPF configuration, ospfd will dump detailed information of any received or sent OSPF packets, either via VTY or through the zlog. However, the original Opaque LSA handling code failed to check whether the VTY context and show_opaque_info were available, resulting in NULL pointer dereference and crashes in ospfd. The patch fixes the Null Pointer Deference Vulnerability in show_vty_ext_link_rmt_itf_addr, show_vty_ext_link_adj_sid, show_vty_ext_link_lan_adj_sid, show_vty_unknown_tlv, show_vty_link_info, show_vty_ext_pref_pref_sid, show_vtY_pref_info. Specifically, add NULL check for vty. If vty is not available, dump details via zlog. Signed-off-by: s1awwhy <seawwhy@163.com> Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com> diff --git a/ospfd/ospf_ext.c b/ospfd/ospf_ext.c index cef27498b8..cb709f41ee 100644 | s1awwhy <seawwhy@163.com> | no | | | 2025-08-24 |
| upstream/0003-CVE-2025-61xxx.patch | commit 33dfc7e7be1ac8b66abbf47c30a709215fbc1926 ospfd: skip subsequent tlvs after invalid length Do not attempt to read subsequent TLVs after an TLV invalid length is detected. Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com> diff --git a/ospfd/ospf_ext.c b/ospfd/ospf_ext.c index cb709f41ee..b063e67e05 100644 | Louis Scalbert <louis.scalbert@6wind.com> | no | | | 2026-01-06 |
| upstream/0004-CVE-2025-61xxx.patch | commit 4e59658233746215a16358603ab0d98b589ba16b ospfd: reformat check_tlv_size macro to make frr-bot happy Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com> diff --git a/ospfd/ospf_ext.c b/ospfd/ospf_ext.c index b063e67e05..684837c211 100644 | Louis Scalbert <louis.scalbert@6wind.com> | no | | | 2026-01-06 |
All known versions for source package 'frr'
- 10.5.2-1 (forky, sid)
- 10.3-3 (trixie)
- 8.4.4-1.1~deb12u1 (bookworm-security, bookworm)
