lldpd -- Buffer overflow/Denial of service

2015-10-04T00:00:00
ID 2A4A112A-7C1B-11E5-BD77-0800275369E2
Type freebsd
Reporter FreeBSD
Modified 2015-11-10T00:00:00

Description

The lldpd developer Vincent Bernat reports:

A buffer overflow may allow arbitrary code execution only if hardening was disabled.

Malformed packets should not make lldpd crash. Ensure we can handle them by not using assert() in this part.