CVE-2024-55553 — Improper Resource Shutdown or Release in FRR

CWE-404 — Improper Resource Shutdown or Release CWE-400 — Uncontrolled Resource Consumption7 documents6 sources

Severity

7.5HIGHNVD

EPSS

0.2%

top 59.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian FRR

Timeline

PublishedJan 6

Latest updateJan 27

Description

In FRRouting (FRR) before 10.3 from 6.0 onward, all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size, default 4K on most OSes. An attacker can use this to trigger re-parsing of the RIB for FRR routers using RTR by causing more than this number of updates during an update interval (usually 30 minutes). Additionally, this effect regularly occurs organically. Furthermore, an attacker can use this to trigger route validation continuous…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶debiandebian/frr< frr 7.5.1-1.1+deb11u4 (bullseye)

🔴Vulnerability Details

OSV

frr vulnerabilities↗2025-01-27

▶

GHSA

GHSA-hrrq-wpmq-47mf: In FRRouting (FRR) before 10↗2025-01-07

▶

OSV

CVE-2024-55553: In FRRouting (FRR) before 10↗2025-01-06

▶

📋Vendor Advisories

Ubuntu

FRR vulnerabilities↗2025-01-27

▶

Red Hat

frr: DoS via repeated RIB revalidation↗2025-01-06

▶

Debian

CVE-2024-55553: frr - In FRRouting (FRR) before 10.3 from 6.0 onward, all routes are re-validated if t...↗2024

▶