SUSE CVE-2026-46433

lldpd is an implementation of IEEE 802.1ab LLDP. Prior to version 1.0.22, lldpddecode in src/daemon/lldpd.c strips 802.1Q VLAN tags from received Ethernet frames by calling memmove to shift the frame payload 4 bytes left. The third argument byte count is s - 2 ETHERADDRLEN but should be s - 2...

lldpd: Heap OOB Read in VLAN Decapsulation memmove

...

EUVD-2026-35858

lldpd is an implementation of IEEE 802.1ab LLDP. Prior to version 1.0.22, lldpddecode in src/daemon/lldpd.c strips 802.1Q VLAN tags from received Ethernet frames by calling memmove to shift the frame payload 4 bytes left. The third argument byte count is s - 2 ETHERADDRLEN but should be s - 2...

CVE-2026-46433 lldpd: Heap OOB Read in VLAN Decapsulation memmove

lldpd is an implementation of IEEE 802.1ab LLDP. Prior to version 1.0.22, lldpddecode in src/daemon/lldpd.c strips 802.1Q VLAN tags from received Ethernet frames by calling memmove to shift the frame payload 4 bytes left. The third argument byte count is s - 2 ETHERADDRLEN but should be s - 2...

CVE-2026-46433

lldpd is an implementation of IEEE 802.1ab LLDP. Prior to version 1.0.22, lldpddecode in src/daemon/lldpd.c strips 802.1Q VLAN tags from received Ethernet frames by calling memmove to shift the frame payload 4 bytes left. The third argument byte count is s - 2 ETHERADDRLEN but should be s - 2...

lldpd 缓冲区错误漏洞

LLDPD is a daemon capable of receiving and sending LLDP frames. Versions of LLDPD prior to 1.0.22 contained a buffer error vulnerability. This vulnerability stemmed from an error in the memmove byte count calculation by the lldpddecode function when stripping the 802.1Q VLAN tag, which could lead...

Linux Distros Unpatched Vulnerability : CVE-2026-46433

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lldpd is an implementation of IEEE 802.1ab LLDP. Prior to version 1.0.22, lldpddecode in src/daemon/lldpd.c strips 802.1Q VLAN tags from received Ethernet frame...

lldpd bug fix and enhancement update

An update is available for lldpd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LLDP is an industry standard protocol designed to supplant proprietary Link-Lay...

MiracleLinux 9 : lldpd-1.0.18-4.el9 (AXSA:2024-9355:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9355:03 advisory. lldp/openvswitch: denial of service via externally triggered memory leak CVE-2020-27827 lldpd: out-of-bounds read when decoding SONMP packets...

Astra Linux - уязвимость в openvswitch

Buffer overflow in the lldpdecode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries...

EUVD-2015-7908

Malware in sbrugna...

EUVD-2015-7907

Malware in sbrugna...

EUVD-2023-46388

Malicious code in bioql PyPI...

EUVD-2021-30526

Malicious code in bioql PyPI...

CLSA-2025-1758823952 lldpd: Fix of CVE-2021-43612

CVE-2021-43612: fix out-of-bounds heap read in sonmpdecode function...

CLSA-2025-1757692387 lldpd: Fix of CVE-2020-27827

CVE-2020-27827: fix memory allocation issue caused by specially crafted LLDP packets...

Alibaba Cloud Linux 3 : 0256: lldpd (ALINUX3-SA-2024:0256)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0256 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-27827: A flaw was found in multip...

RockyLinux 9 : lldpd (RLSA-2024:9158)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:9158 advisory. lldp/openvswitch: denial of service via externally triggered memory leak CVE-2020-27827 lldpd: out-of-bounds read when decoding SONMP packets...

lldpd security update

An update is available for lldpd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LLDP is an industry standard protocol designed to supplant proprietary Link-Lay...

Linux Distros Unpatched Vulnerability : CVE-2023-41910

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDPTLVADDRESSES TLVs, a malicious actor can remotely force the lldpd...