Arch Linux Security Advisory ASA-202101-28 ========================================== Severity: Medium Date : 2021-01-20 CVE-ID : CVE-2015-8011 CVE-2020-27827 Package : openvswitch Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1456 Summary ======= The package openvswitch before version 2.14.1-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. Resolution ========== Upgrade to 2.14.1-1. # pacman -Syu "openvswitch>=2.14.1-1" The problems have been fixed upstream in version 2.14.1. Workaround ========== None. Description =========== - CVE-2015-8011 (arbitrary code execution) A buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries. - CVE-2020-27827 (information disclosure) A security issue was found in lldpd before version 1.0.8. A packet that contains multiple instances of certain TLVs will cause lldpd to continually allocate memory and leak the old memory. As an example, multiple instances of system name TLV will cause old values to be dropped by the decoding routine. Impact ====== A remote attacker can leak information or possibly execute arbitrary code through crafted packets. References ========== https://www.openwall.com/lists/oss-security/2015/10/16/2 https://github.com/lldpd/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dc... https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000268.html https://github.com/openvswitch/ovs/pull/335 https://github.com/openvswitch/ovs/commit/ec51fc90669e5fe1a2096581296d55b3ac... https://github.com/lldpd/lldpd/blob/master/NEWS https://github.com/lldpd/lldpd/commit/a8d3c90feca548fc0656d95b5d278713db86ff... https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000269.html https://github.com/openvswitch/ovs/pull/337 https://github.com/openvswitch/ovs/commit/f915f32f5667e3b9d460055d8b47fa5d20... https://security.archlinux.org/CVE-2015-8011 https://security.archlinux.org/CVE-2020-27827