VDB
CVE-2025-61099
CVE-2025-61099
PUBLISHED
CVSS 7.5 HIGH
FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaque_info_detail function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LS Update packet.
EPSS 0.20% · 42.2th percentile
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.20%
42.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| frrouting | frrouting | 2.0 |
Exploit Intelligence
- https://github.com/FRRouting/frr/issues/19471 (nist-nvd)
- CIRCL seen: CVE-2025-61099 (circl-sighting)
- https://github.com/FRRouting/frr/pull/19480 (circl)
- https://github.com/FRRouting/frr/pull/19480/commits/0042fbe8ca5aba866b4f0d166e54066bba5ab14e (circl)
- https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61099.md (circl)
Timeline
- Oct 27, 2025 CVE Published
- Oct 28, 2025 EPSS Score
- Oct 28, 2025 CVE Updated
- Nov 3, 2025 EPSS Score
- Nov 8, 2025 EPSS Score
- Nov 14, 2025 EPSS Score
- Nov 20, 2025 EPSS Score
- Nov 25, 2025 EPSS Score
- Dec 1, 2025 EPSS Score
- Dec 7, 2025 EPSS Score
- Dec 12, 2025 EPSS Score
- Dec 18, 2025 EPSS Score
References
- https://github.com/FRRouting/frr/pull/19480 url
- https://github.com/FRRouting/frr/pull/19480/commits/0042fbe8ca5aba866b4f0d166e54066bba5ab14e url
- https://github.com/FRRouting/frr/issues/19471 url
- https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61099.md url
- https://nvd.nist.gov/vuln/detail/CVE-2025-61099 advisory