13 matches found
MiracleLinux 9 : lldpd-1.0.18-4.el9 (AXSA:2024-9355:03)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9355:03 advisory. lldp/openvswitch: denial of service via externally triggered memory leak CVE-2020-27827 lldpd: out-of-bounds read when decoding SONMP packets...
EUVD-2015-7908
Malware in sbrugna...
EUVD-2021-30526
Malicious code in bioql PyPI...
EUVD-2023-46388
Malicious code in bioql PyPI...
An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdp_decode in daemon/protocols/cdp.c.
...
SUSE CVE-2023-41910
An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDPTLVADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdpdecode in daemon/protocols/cdp.c...
UBUNTU-CVE-2023-41910
An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDPTLVADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdpdecode in daemon/protocols/cdp.c...
UBUNTU-CVE-2021-43612
In lldpd before 1.0.13, when decoding SONMP packets in the sonmpdecode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets...
CVE-2021-43612
In lldpd before 1.0.13, when decoding SONMP packets in the sonmpdecode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets...
AZL-10443 CVE-2020-27827 affecting package lldpd for versions less than 1.0.14-1
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability...
DEBIAN-CVE-2015-8012
lldpd before 0.8.0 allows remote attackers to cause a denial of service assertion failure and daemon crash via a malformed packet...
CVE-2015-8012
lldpd before 0.8.0 allows remote attackers to cause a denial of service assertion failure and daemon crash via a malformed packet...
CVE-2015-8011
Buffer overflow in the lldpdecode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries...