11 matches found
TencentOS Server 4: lldpd (TSSA-2024:0343)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0343 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
RockyLinux 9 : lldpd (RLSA-2024:9158)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:9158 advisory. lldp/openvswitch: denial of service via externally triggered memory leak CVE-2020-27827 lldpd: out-of-bounds read when decoding SONMP packets...
Linux Distros Unpatched Vulnerability : CVE-2023-41910
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDPTLVADDRESSES TLVs, a malicious actor can remotely force the lldpd...
Moderate: lldpd security update
LLDP is an industry standard protocol designed to supplant proprietary Link-Layer protocols such as EDP or CDP. The goal of LLDP is to provide an inter-vendor compatible mechanism to deliver Link-Layer notifications to adjacent network devices. Security Fixes: lldp/openvswitch: denial of service...
ALSA-2024:9158 Moderate: lldpd security update
LLDP is an industry standard protocol designed to supplant proprietary Link-Layer protocols such as EDP or CDP. The goal of LLDP is to provide an inter-vendor compatible mechanism to deliver Link-Layer notifications to adjacent network devices. Security Fixes: lldp/openvswitch: denial of service...
CBL Mariner 2.0 Security Update: lldpd (CVE-2023-41910)
The version of lldpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-41910 advisory. - An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDPTLVADDRESSES...
Debian: Security Advisory (DSA-5505-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 5505-1] lldpd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5505-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 25, 2023 https://www.debian.org/security/faq -...
Debian: Security Advisory (DLA-3578-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3578-1] lldpd security update
Debian LTS Advisory DLA-3578-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany September 22, 2023 https://wiki.debian.org/LTS Package : lldpd Version : 1.0.3-1+deb10u2 CVE ID : CVE-2023-41910 Matteo Memelli discovered a flaw in lldpd, an implementation of the IEEE...
CVE-2023-41910
CVE-2023-41910 affects lldpd up to version 1.0.16 (pre-1.0.17). The issue allows a remote attacker to craft a CDP PDU with specific CDP_TLV_ADDRESSES to force the lldpd daemon to perform an out-of-bounds read on heap memory in cdp_decode (daemon/protocols/cdp.c). The CVSS v3.1 base score is 9.8 (...