MidnightBSD

Advisories for lldpd_project

CVE-2015-8011 MEDIUM

Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,

Products Affected

Vendor Product Version
lldpd_project lldpd *
debian debian_linux 9.0
debian debian_linux 10.0
fedoraproject fedora 33
CVE-2015-8012 MEDIUM

lldpd before 0.8.0 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via a malformed packet.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-617,

Products Affected

Vendor Product Version
lldpd_project lldpd *
CVE-2020-27827 HIGH

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: HIGH

Problem Type: CWE-400,

Products Affected

Vendor Product Version
siemens simatic_net_cp_1243-8_irc_firmware -
redhat openshift_container_platform 4.0
redhat virtualization 4.0
redhat enterprise_linux 7.0
siemens simatic_net_cp_1243-1_firmware -
redhat openstack 13
siemens sinumerik_one_firmware *
fedoraproject fedora 33
redhat enterprise_linux 8.0
siemens simatic_net_cp_1542sp-1_firmware -
siemens simatic_net_cp_1545-1_firmware -
lldpd_project lldpd *
siemens simatic_net_cp_1543-1_firmware -
openvswitch openvswitch *
siemens simatic_net_cp_1543sp-1_firmware -
redhat openstack 10
siemens tim_1531_irc_firmware *
siemens simatic_net_cp_1542sp-1_irc_firmware -
siemens simatic_hmi_unified_comfort_panels_firmware *
CVE-2021-43612

In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.

Products Affected

Vendor Product Version
fedoraproject fedora 38
lldpd_project lldpd *
fedoraproject fedora 36
fedoraproject fedora 37
CVE-2023-41910

An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdp_decode in daemon/protocols/cdp.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
lldpd_project lldpd *