FRRouting RTR Buffer Overflow Vulnerability Leading to Performance Degradation

A vulnerability in FRRouting (FRR) versions 6.0 prior to 10.3 allows for route re-validation to be triggered when an update received via the RTR protocol exceeds the default socket buffer size of 4K. This can be exploited by causing a large number of updates to be sent during the update interval, which typically lasts 30 minutes. The issue can also occur organically, but when exploited, it forces continuous route validation. Routers with large routing tables may take longer than 30 minutes to complete this process, leading to potential performance impacts. Additionally, the re-validation increases BMP traffic to ingestors.

Impact

Exploitation of this vulnerability can significantly degrade the route handling performance of FRRouting instances using RPKI, causing disruptions in routing protocol operations. The vulnerability also generates excessive BMP traffic, which can overwhelm BMP ingestors.

Reproduction

The vulnerability can be reproduced by sending a large number of RTR updates that exceed the socket's buffer size during a single update interval. This can be done manually or through automated scripts. The issue can also be observed organically, without any intervention.

Remediation

Users can upgrade to FRRouting versions 10.0.3, 10.1.2, 10.2.1, or 10.3 to address this vulnerability.