CVE-2025-61101: 
Linux Debian vulnerability analysis and mitigation

A NULL pointer dereference vulnerability was discovered in FRRouting/frr versions 4.0 through 10.4.1, identified as CVE-2025-61101. The vulnerability exists in the showvtyextlinkrmtitfaddr function within ospf_ext.c, which can be triggered when processing OSPF packets (NVD). The issue was discovered and reported on October 27, 2025, and affects the OSPF component of the FRRouting software.

The vulnerability occurs when the debug ospf packet all send/recv detail command is enabled in the OSPF configuration. When ospfd processes an LS Update packet containing an opaque LSA, a NULL pointer dereference occurs in showopaqueinfodetail() within ospfd/ospfopaque.c. The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (Ubuntu).

When exploited, this vulnerability allows attackers to cause a Denial of Service (DoS) condition via a crafted OSPF packet. The impact is particularly severe as it can cause the ospfd daemon to crash, potentially disrupting network routing operations (NVD).

A fix has been proposed through a pull request that adds proper security checks for the VTY context and pointers related to Opaque LSAs dumping. The patch ensures that if the VTY context is unavailable, packet details are logged using zlog instead (GitHub PR). As of October 31, 2025, the proposed fix has not been committed yet, and the vulnerability remains active in affected versions.