[manjaro-security] [ASA-202101-28] openvswitch: multiple issues

Morten Linderud via arch-security arch-security at lists.archlinux.org
Thu Jan 28 22:59:25 CET 2021 

Arch Linux Security Advisory ASA-202101-28
==========================================

Severity: Medium
Date    : 2021-01-20
CVE-ID  : CVE-2015-8011 CVE-2020-27827
Package : openvswitch
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-1456

Summary
=======

The package openvswitch before version 2.14.1-1 is vulnerable to
multiple issues including arbitrary code execution and information
disclosure.

Resolution
==========

Upgrade to 2.14.1-1.

# pacman -Syu "openvswitch>=2.14.1-1"

The problems have been fixed upstream in version 2.14.1.

Workaround
==========

None.

Description
===========

- CVE-2015-8011 (arbitrary code execution)

A buffer overflow in the lldp_decode function in
daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers
to cause a denial of service (daemon crash) and possibly execute
arbitrary code via vectors involving large management addresses and TLV
boundaries.

- CVE-2020-27827 (information disclosure)

A security issue was found in lldpd before version 1.0.8. A packet that
contains multiple instances of certain TLVs will cause lldpd to
continually allocate memory and leak the old memory.  As an example,
multiple instances of system name TLV will cause old values to be
dropped by the decoding routine.

Impact
======

A remote attacker can leak information or possibly execute arbitrary
code through crafted packets.

References
==========

https://www.openwall.com/lists/oss-security/2015/10/16/2
https://github.com/lldpd/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2
https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000268.html
https://github.com/openvswitch/ovs/pull/335
https://github.com/openvswitch/ovs/commit/ec51fc90669e5fe1a2096581296d55b3acda6711
https://github.com/lldpd/lldpd/blob/master/NEWS
https://github.com/lldpd/lldpd/commit/a8d3c90feca548fc0656d95b5d278713db86ff61
https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000269.html
https://github.com/openvswitch/ovs/pull/337
https://github.com/openvswitch/ovs/commit/f915f32f5667e3b9d460055d8b47fa5d204ce83a
https://security.archlinux.org/CVE-2015-8011
https://security.archlinux.org/CVE-2020-27827
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.manjaro.org/pipermail/manjaro-security/attachments/20210128/f60b5542/attachment.sig>

More information about the manjaro-security mailing list