Lldpd Lldpdproject Lldpd

By the Year

In 2024 there have been 0 vulnerabilities in Lldpdproject Lldpd. Last year Lldpd had 2 security vulnerabilities published. Right now, Lldpd is on track to have fewer security vulnerabilities in 2024 than it did last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 2 8.65
2022 0 0.00
2021 1 7.50
2020 1 9.80
2019 0 0.00
2018 0 0.00

It may take a day or so for new Lldpd vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Lldpdproject Lldpd Security Vulnerabilities

An issue was discovered in lldpd before 1.0.17

CVE-2023-41910 9.8 - Critical - September 05, 2023

An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdp_decode in daemon/protocols/cdp.c.

Out-of-bounds Read

In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read

CVE-2021-43612 7.5 - High - April 15, 2023

In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.

Memory Corruption

A flaw was found in multiple versions of OpenvSwitch

CVE-2020-27827 7.5 - High - March 18, 2021

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.

Resource Exhaustion

Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0

CVE-2015-8011 9.8 - Critical - January 28, 2020

Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries.

Classic Buffer Overflow
