{"id":"USN-8046-1","summary":"frr vulnerabilities","details":"It was discovered that FRR incorrectly handled certain malformed OSPF and\nupdate packets. A remote attacker could possibly use these issues to cause\nFRR to crash, resulting in a denial of service.","modified":"2026-04-27T18:39:47.195017Z","published":"2026-02-17T12:45:07Z","related":["UBUNTU-CVE-2025-61099","UBUNTU-CVE-2025-61100","UBUNTU-CVE-2025-61101","UBUNTU-CVE-2025-61102","UBUNTU-CVE-2025-61103","UBUNTU-CVE-2025-61104","UBUNTU-CVE-2025-61105","UBUNTU-CVE-2025-61106","UBUNTU-CVE-2025-61107"],"upstream":["CVE-2025-61099","CVE-2025-61100","CVE-2025-61101","CVE-2025-61102","CVE-2025-61103","CVE-2025-61104","CVE-2025-61105","CVE-2025-61106","CVE-2025-61107","UBUNTU-CVE-2025-61099","UBUNTU-CVE-2025-61100","UBUNTU-CVE-2025-61101","UBUNTU-CVE-2025-61102","UBUNTU-CVE-2025-61103","UBUNTU-CVE-2025-61104","UBUNTU-CVE-2025-61105","UBUNTU-CVE-2025-61106","UBUNTU-CVE-2025-61107"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8046-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-61099"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-61100"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-61101"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-61102"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-61103"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-61104"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-61105"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-61106"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-61107"}],"affected":[{"package":{"name":"frr","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/frr@8.1-1ubuntu1.14?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1-1ubuntu1.14"}]}],"versions":["7.5.1-1.1","8.1-1","8.1-1ubuntu1","8.1-1ubuntu1.1","8.1-1ubuntu1.2","8.1-1ubuntu1.3","8.1-1ubuntu1.4","8.1-1ubuntu1.5","8.1-1ubuntu1.6","8.1-1ubuntu1.7","8.1-1ubuntu1.8","8.1-1ubuntu1.9","8.1-1ubuntu1.10","8.1-1ubuntu1.11","8.1-1ubuntu1.13"],"ecosystem_specific":{"binaries":[{"binary_name":"frr","binary_version":"8.1-1ubuntu1.14"},{"binary_name":"frr-pythontools","binary_version":"8.1-1ubuntu1.14"},{"binary_name":"frr-rpki-rtrlib","binary_version":"8.1-1ubuntu1.14"},{"binary_name":"frr-snmp","binary_version":"8.1-1ubuntu1.14"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8046-1.json","cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61099"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61100"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61101"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61102"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61103"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61104"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61105"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61106"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61107"}]}}},{"package":{"name":"frr","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/frr@8.4.4-1.1ubuntu6.5?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.4.4-1.1ubuntu6.5"}]}],"versions":["8.4.4-1.1ubuntu1","8.4.4-1.1ubuntu3","8.4.4-1.1ubuntu4","8.4.4-1.1ubuntu5","8.4.4-1.1ubuntu6","8.4.4-1.1ubuntu6.1","8.4.4-1.1ubuntu6.2","8.4.4-1.1ubuntu6.3","8.4.4-1.1ubuntu6.4"],"ecosystem_specific":{"binaries":[{"binary_name":"frr","binary_version":"8.4.4-1.1ubuntu6.5"},{"binary_name":"frr-pythontools","binary_version":"8.4.4-1.1ubuntu6.5"},{"binary_name":"frr-rpki-rtrlib","binary_version":"8.4.4-1.1ubuntu6.5"},{"binary_name":"frr-snmp","binary_version":"8.4.4-1.1ubuntu6.5"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8046-1.json","cves_map":{"ecosystem":"Ubuntu:24.04:LTS","cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61099"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61100"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61101"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61102"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61103"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61104"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61105"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61106"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61107"}]}}},{"package":{"name":"frr","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/frr@10.4.1-3ubuntu1.1?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.4.1-3ubuntu1.1"}]}],"versions":["10.2.1-1ubuntu3","10.3-3ubuntu2","10.4.1-3ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"frr","binary_version":"10.4.1-3ubuntu1.1"},{"binary_name":"frr-pythontools","binary_version":"10.4.1-3ubuntu1.1"},{"binary_name":"frr-rpki-rtrlib","binary_version":"10.4.1-3ubuntu1.1"},{"binary_name":"frr-snmp","binary_version":"10.4.1-3ubuntu1.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8046-1.json","cves_map":{"ecosystem":"Ubuntu:25.10","cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61099"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61100"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61101"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61102"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61103"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61104"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61105"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61106"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-61107"}]}}}],"schema_version":"1.7.5"}