A buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries.
A buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries.
https://www.openwall.com/lists/oss-security/2015/10/16/2 https://github.com/lldpd/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2 https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000268.html https://github.com/openvswitch/ovs/pull/335 https://github.com/openvswitch/ovs/commit/ec51fc90669e5fe1a2096581296d55b3acda6711