CVE-2025-61106: n/a
FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.
AI Analysis
Technical Summary
CVE-2025-61106 is a vulnerability identified in the FRRouting (FRR) software suite, versions 4.0 through 10.4.1. FRRouting is an open-source routing protocol suite widely used for managing routing protocols like OSPF (Open Shortest Path First) in network devices. The vulnerability arises from a NULL pointer dereference in the function show_vty_ext_pref_pref_sid located in the ospf_ext.c source file. This flaw can be triggered by an attacker sending a crafted OSPF packet to the affected device, causing the function to dereference a NULL pointer, which leads to a crash or denial of service (DoS) condition. The impact is a loss of availability of the routing process or the entire device, potentially disrupting network connectivity. Exploitation does not require authentication but does require the ability to send OSPF packets to the target, which may be possible within an internal network or via compromised network segments. No public exploits or patches have been released at the time of publication, and no CVSS score has been assigned. The vulnerability affects a broad range of FRRouting versions, indicating many deployments could be vulnerable. The issue is critical for network stability, especially in environments relying heavily on OSPF for dynamic routing. The vulnerability highlights the importance of input validation and error handling in routing protocol implementations.
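As an added example (not part of the original advisory and not FRRouting code), the shell functions below triage a host inventory against the affected range stated above, 4.0 through 10.4.1 inclusive. The host names and version strings are constructed sample data; a version above the range is only outside the stated range, not confirmed fixed.

```shell
#!/bin/sh
# Added example (not FRRouting code): flag hosts whose FRR version is inside
# the advisory's affected range, 4.0 through 10.4.1 inclusive.

# frr_is_affected VERSION: 0 = in range, 1 = outside range, 2 = unparsable.
frr_is_affected() {
    # Keep the leading dotted-numeric part, dropping packaging suffixes.
    v=$(printf '%s' "$1" | sed -E 's/^([0-9]+(\.[0-9]+)*).*/\1/')
    case "$v" in
        ''|*[!0-9.]*) return 2 ;;
    esac
    awk -v v="$v" '
        function key(s,  a) { split(s, a, "."); return a[1] * 1000000 + a[2] * 1000 + a[3] }
        BEGIN { k = key(v); exit !(k >= key("4.0") && k <= key("10.4.1")) }' </dev/null
}

# affected_hosts: read "host version" lines on stdin, print the affected ones.
# Unparsable versions are reported on stderr so they are not silently skipped.
affected_hosts() {
    while read -r host ver; do
        [ -n "$host" ] || continue
        rc=0
        frr_is_affected "$ver" || rc=$?
        case "$rc" in
            0) printf '%s %s\n' "$host" "$ver" ;;
            2) printf 'cannot parse version for %s: %s\n' "$host" "$ver" >&2 ;;
        esac
    done
}

# Constructed sample inventory (hypothetical hosts and versions).
printf '%s\n' 'edge-r1 8.4.4-1.1ubuntu1' 'core-r2 10.5' 'lab-r3 4.0' | affected_hosts
```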
Potential Impact
For European organizations, the primary impact of CVE-2025-61106 is the potential for network outages caused by denial of service on routers or network devices running vulnerable versions of FRRouting. This can lead to loss of connectivity, degraded network performance, and interruption of critical services dependent on stable routing. Telecommunications providers, data centers, and large enterprises using FRRouting for OSPF routing are at risk of service disruption. The vulnerability could be exploited by an insider or an attacker who gains access to the internal network segment where OSPF packets are exchanged. Disruption of routing can affect business operations, emergency services, and critical infrastructure, potentially causing cascading failures in interconnected networks. The absence of known exploits reduces immediate risk but does not eliminate the threat, especially as attackers may develop exploits once the vulnerability is widely known. The impact on confidentiality and integrity is minimal, but availability impact is significant. Organizations with stringent uptime requirements and those operating critical infrastructure are particularly vulnerable.
Mitigation Recommendations
1. Monitor vendor announcements and apply official patches or updates for FRRouting as soon as they become available to address CVE-2025-61106.
2. Restrict OSPF packet sources by implementing access control lists (ACLs) or firewall rules to limit OSPF traffic to trusted devices and network segments only.
3. Segment network infrastructure to isolate routing protocol traffic from untrusted or less secure network zones, reducing exposure to crafted packets.
4. Employ network monitoring and anomaly detection tools to identify unusual OSPF packet patterns or spikes that could indicate exploitation attempts.
5. Conduct regular audits of network device configurations to ensure that only necessary routing protocols are enabled and properly secured.
6. Consider deploying redundancy and failover mechanisms in routing infrastructure to minimize service disruption in case of device failure.
7. Educate network operations teams about this vulnerability and encourage vigilance for signs of routing instability or device crashes.
8. If possible, temporarily disable OSPF on devices that are not critical or replace FRRouting with alternative routing software until patches are available.
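One way to apply recommendation 2 on a Linux router, shown as an added example that is not part of the original advisory or the FRRouting project: a shell function that validates its inputs and prints an nftables ruleset accepting IPv4 OSPF (IP protocol 89) only from listed neighbors. The table, set and chain names, the interface name and the neighbor addresses are assumptions; the rate-limited log rule also gives recommendation 4 a signal to monitor.

```shell
#!/bin/sh
# Added example (not FRRouting code): print an nftables ruleset that accepts
# IPv4 OSPF (IP protocol 89) only from listed neighbors and drops the rest.
# Table, set and chain names are assumptions chosen for this example.

# is_ipv4 ADDR: succeed only for a dotted quad with each octet in 0..255.
is_ipv4() {
    printf '%s\n' "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# gen_ospf_filter IFACE NEIGHBOR...: validate inputs, then emit the ruleset.
gen_ospf_filter() {
    [ "$#" -ge 2 ] || { echo "usage: gen_ospf_filter IFACE NEIGHBOR..." >&2; return 1; }
    iface=$1; shift
    case "$iface" in
        *[!A-Za-z0-9._-]*|'') echo "bad interface name: $iface" >&2; return 1 ;;
    esac
    elems=
    for n in "$@"; do
        is_ipv4 "$n" || { echo "bad neighbor address: $n" >&2; return 1; }
        elems="${elems:+$elems, }$n"
    done
    cat <<EOF
table inet ospf_guard {
    set ospf_neighbors {
        type ipv4_addr
        elements = { $elems }
    }
    chain input {
        type filter hook input priority 0; policy accept;
        # OSPF from a known neighbor on the routing interface is allowed.
        iifname "$iface" ip protocol 89 ip saddr @ospf_neighbors accept
        # Anything else speaking OSPF is logged (rate-limited) and dropped.
        ip protocol 89 limit rate 10/minute log prefix "ospf-untrusted "
        ip protocol 89 drop
    }
}
EOF
}

# Constructed sample: two neighbors from a documentation range on eth1.
gen_ospf_filter eth1 192.0.2.2 192.0.2.3
```

The filter narrows who can reach the OSPF daemon; a crafted packet from an allowed neighbor still passes, so it complements patching rather than replacing it.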
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2025-09-26T00:00:00.000Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 6900de73d44cb7cb50ff0b06
Added to database: 10/28/2025, 3:17:07 PM
Last enriched: 10/28/2025, 3:19:12 PM
Last updated: 10/30/2025, 3:24:36 PM