frr (SUSE:Linux Enterprise Server LTSS Extended Security 12 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server LTSS Extended Security 12 SP5 package frr, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (14)
CVE-2024-55553 — CVSS 7.5 (high): In FRRouting (FRR) before 10.3 from 6.0 onward, all routes are re-validated if the total size of an update received via RTR exceeds the…
CVE-2025-61099 — CVSS 7.5 (high): FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaque_info_detail function at…
CVE-2025-61100 — CVSS 7.5 (high): FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospf_opaque_lsa_dump function at…
CVE-2025-61101 — CVSS 7.5 (high): FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_rmt_itf_addr…
CVE-2025-61102 — CVSS 7.5 (high): FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_adj_sid function at…
CVE-2025-61103 — CVSS 7.5 (high): FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_lan_adj_sid function…
CVE-2025-61104 — CVSS 7.5 (high): FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_unknown_tlv function at…
CVE-2025-61105 — CVSS 7.5 (high): FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_link_info function at…
CVE-2025-61106 — CVSS 7.5 (high): FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at…
CVE-2025-61107 — CVSS 7.5 (high): FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at…
CVE-2026-37457 — CVSS 7.5 (high): An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR)…
CVE-2026-37458 — CVSS 6.5 (medium): Missing input validation in the MP_REACH_NLRI component of FRRouting (FRR) stable/10.0 to stable/10.6 allows authenticated attackers to…
CVE-2026-28532 — CVSS 6.5 (medium): FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser…
CVE-2026-5107 — CVSS 4.2 (medium): A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/bgp_evpn.c of…