Denial of Service Vulnerability in FRRouting by FRRouting
CVE-2025-61101

7.5HIGH

Key Information:

Vendor: FRRouting
Status: FRRouting
Vendor: CVE Published:; 27 October 2025

What is CVE-2025-61101?

A vulnerability has been identified in FRRouting versions from 4.0 to 10.4.1 that allows attackers to exploit a NULL pointer dereference through the 'show_vty_ext_link_rmt_itf_addr' function located in 'ospf_ext.c'. This security flaw can lead to a Denial of Service (DoS) when a specially crafted OSPF packet is received, potentially disrupting network services and affecting availability.

References

https://github.com/FRRouting/frr/pull/19480

https://github.com/FRRouting/frr/issues/19471

https://github.com/FRRouting/frr/pull/19480/commits/fdd95...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 27, 2025
Vulnerability Reserved
Sep 26, 2025

JSON