CVE-2021-43612

Опубликовано: 15 апр. 2023

Источник: debian

EPSS Низкий

Описание

In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
lldpd	fixed	1.0.13-1		package
lldpd	fixed	1.0.11-1+deb11u1	bullseye	package
lldpd	no-dsa		stretch	package

Примечания

https://github.com/lldpd/lldpd/commit/73d42680fce8598324364dbb31b9bc3b8320adf7 (1.0.13)

EPSS

Процентиль: 34%

0.00135

Низкий

Связанные уязвимости

CVE-2021-43612

CVSS3: 7.5

ubuntu

около 2 лет назад

In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.

CVE-2021-43612

CVSS3: 7.3

redhat

больше 3 лет назад

In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.

CVE-2021-43612

CVSS3: 7.5

nvd

около 2 лет назад

In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.

GHSA-x6gw-c547-cwm7

CVSS3: 7.5

github

около 2 лет назад

In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.

ELSA-2024-9158

oracle-oval

8 месяцев назад

ELSA-2024-9158: lldpd security update (MODERATE)

EPSS

Процентиль: 34%

0.00135

Низкий