Lucene search
K
Lldpd ProjectLldpd

6 matches found

CVE
CVE
added 2021/03/18 12:0 a.m.461 views

CVE-2020-27827

CVE-2020-27827 concerns Open vSwitch where specially crafted LLDP packets can trigger memory allocation issues during handling of optional TLVs, leading to a denial of service and impacting availability. The connected documents provide various advisories (e.g., AlmaLinux, Gentoo GLSA) that refere...

7.5CVSS7.2AI score0.03235EPSS
CVE
CVE
added 2023/04/15 12:0 a.m.351 views

CVE-2021-43612

CVE-2021-43612 affects lldpd prior to version 1.0.13. In the sonmp_decode function, decoding short SONMP packets can trigger an out-of-bounds heap read. The vulnerability impacts the lldpd component and can lead to heap memory access violations; no exploitation details are provided in the availab...

7.5CVSS7.2AI score0.01142EPSS
CVE
CVE
added 2020/01/28 6:15 p.m.173 views

CVE-2015-8011

CVE-2015-8011 (buffer overflow in lldp_decode of lldpd) affects Open vSwitch/openvswitch builds and allows remote attackers to cause a daemon crash or potentially execute arbitrary code via large management addresses and TLV boundary handling in lldpd before 0.8.0. Documented impacts include deni...

9.8CVSS9.6AI score0.05493EPSS
CVE
CVE
added 2023/09/05 12:0 a.m.109 views

CVE-2023-41910

CVE-2023-41910 affects lldpd up to version 1.0.16 (pre-1.0.17). The issue allows a remote attacker to craft a CDP PDU with specific CDP_TLV_ADDRESSES to force the lldpd daemon to perform an out-of-bounds read on heap memory in cdp_decode (daemon/protocols/cdp.c). The CVSS v3.1 base score is 9.8 (...

9.8CVSS9.1AI score0.00954EPSS
CVE
CVE
added 2020/01/28 6:15 p.m.76 views

CVE-2015-8012

CVE-2015-8012 affects lldpd up to version 0.8.0. A malformed packet can trigger an assertion failure in the daemon, causing denial of service via a crash. Multiple connected sources corroborate: remote attacker–sent malformed LLDP frames lead to daemon instability/crash (no confirmed remote code ...

7.5CVSS8.1AI score0.03EPSS
CVE
CVE
added 2026/06/09 10:49 p.m.41 views

CVE-2026-46433

CVE-2026-46433 affects lldpd (LLDP implementation). Prior to version 1.0.22, lldpd_decode() incorrectly shifts frame payload when removing 802.1Q VLAN tags, using a length calculation that causes a 4-byte heap OOB read if the frame size equals the interface MTU. This vulnerability is fixed in ver...

6.5CVSS5.5AI score0.00225EPSS