cbcvebase.
CVE-2020-27827
published 2021-03-18

CVE-2020-27827: A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific…

high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.

Affected

34 ranges· showing 25
VendorProductVersion rangeFixed in
debianlldpd< lldpd 1.0.8-1 (bookworm)lldpd 1.0.8-1 (bookworm)
debianopenvswitch< lldpd 1.0.8-1 (bookworm)lldpd 1.0.8-1 (bookworm)
fedoraprojectfedora
lldpopenvswitch
lldpd_projectlldpd< 1.0.81.0.8
lldpd_projectlldpd>= 0 < 1.0.8-11.0.8-1
lldpd_projectlldpd>= 0 < 1.0.8-11.0.8-1
lldpd_projectlldpd>= 0 < 1.0.8-11.0.8-1
lldpd_projectlldpd>= 0 < 1.0.8-11.0.8-1
msrccbl2_lldpd_1.0.14-1_on_cbl_mariner_2.0
msrccbl2_lldpd_1.0.4-3_on_cbl_mariner_2.0
msrccm1_openvswitch_2.12.3-2_on_cbl_mariner_1.0
openvswitchopenvswitch>= 0 < 2.15.0~git20210104.def6eb1ea+dfsg1-42.15.0~git20210104.def6eb1ea+dfsg1-4
openvswitchopenvswitch>= 0 < 2.15.0~git20210104.def6eb1ea+dfsg1-42.15.0~git20210104.def6eb1ea+dfsg1-4
openvswitchopenvswitch>= 0 < 2.15.0~git20210104.def6eb1ea+dfsg1-42.15.0~git20210104.def6eb1ea+dfsg1-4
openvswitchopenvswitch>= 0 < 2.15.0~git20210104.def6eb1ea+dfsg1-42.15.0~git20210104.def6eb1ea+dfsg1-4
openvswitchopenvswitch>= 2.10.0 < 2.10.62.10.6
openvswitchopenvswitch>= 2.11.0 < 2.11.52.11.5
openvswitchopenvswitch>= 2.12.0 < 2.12.22.12.2
openvswitchopenvswitch>= 2.13.0 < 2.13.22.13.2
openvswitchopenvswitch>= 2.14.0 < 2.14.12.14.1
openvswitchopenvswitch>= 2.6.0 < 2.6.92.6.9
openvswitchopenvswitch>= 2.7.0 < 2.7.122.7.12
openvswitchopenvswitch>= 2.8.0 < 2.8.102.8.10
openvswitchopenvswitch>= 2.9.0 < 2.9.82.9.8

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH