117 matches found
SUSE CVE-2021-43612
In lldpd before 1.0.13, when decoding SONMP packets in the sonmpdecode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets...
CVE-2020-27827 affecting package lldpd for versions less than 1.0.14-1
CVE-2020-27827 affecting package lldpd for versions less than 1.0.14-1. An upgraded version of the package is available that resolves this issue...
new packages: lldpd
An update is available for lldpd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...
CVE-2021-43612
An out-of-bounds read vulnerability is present in lldpd. An attacker on the same network as the vulnerable system may use this vulnerability to leak memory data from the application or crash it by sending shorter SONMP packets than what is expected...
lldpd 缓冲区错误漏洞
lldpd is a daemon capable of receiving and sending LLDP frames. A security vulnerability exists in lldpd that stems from a boundary error when reading SONMP messages. A remote user can send specially crafted packets to the application, trigger a heap-based buffer overflow, and execute arbitrary...
lldpd: buffer overflow in the lldp_decode function in daemon/protocols/lldp.c
A buffer overflow was found in the lldpdecode function in daemon/protocols/lldp.c in lldpd. This flaw allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries. This threatens the...
RHEL 7 : openvswitch (RHSA-2021:2077)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2077 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic...
CVE-2021-25849
An integer underflow was discovered in userdisk/vportlldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, improper validation of the PortID TLV leads to Denial of Service via a crafted lldp packet...
Moderate: Red Hat Security Advisory: rhvm-appliance security, bug fix, and enhancement update
An update for rhvm-appliance is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RHEL 8 : rhvm-appliance (RHSA-2021:0988)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:0988 advisory. The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is availab...
AZL-10443 CVE-2020-27827 affecting package lldpd for versions less than 1.0.14-1
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability...
Fedora 33 : 2:dpdk / openvswitch (2021-fba11d37ee)
The remote Fedora 33 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2021-fba11d37ee advisory. - Buffer overflow in the lldpdecode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service...
[ASA-202101-29] lldpd: information disclosure
Arch Linux Security Advisory ASA-202101-29 ========================================== Severity: Medium Date : 2021-01-20 CVE-ID : CVE-2020-27827 Package : lldpd Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-1451 Summary ======= The package lldpd before versi...
[ASA-202101-28] openvswitch: multiple issues
Arch Linux Security Advisory ASA-202101-28 ========================================== Severity: Medium Date : 2021-01-20 CVE-ID : CVE-2015-8011 CVE-2020-27827 Package : openvswitch Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1456 Summary ======= The package...
lldpd Resource Management Error Vulnerability
lldpd is a daemon that can receive and send LLDP frames. A resource management error vulnerability exists in the Ubuntu lldpd software, which can be exploited by attackers to trigger a denial of service attack. The following products and models are affected: Ubuntu 20.10 openvswitch-common,Ubuntu...
Important: Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update
An update for openvswitch2.11, ovn2.11, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 and Red Hat Virtualization Engine 4.3. Red Hat Product Security has rated this update as having a security impact...
Denial Of Service(DoS)
lldpd is denial of serviceDoS. The buffer overflow in the lldpdecode function in daemon/protocols/lldp.c...
RHEL 8 : Red Hat Virtualization (RHSA-2020:5611)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5611 advisory. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host,...
BSA-2020-937
Security Advisory ID : BSA-2020-937 Component : lldpd Revision : 1.0: Final Buffer overflow in the lldpdecode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via vectors involving large...
CVE-2015-8012
lldpd before 0.8.0 allows remote attackers to cause a denial of service assertion failure and daemon crash via a malformed packet...