PT-2020-5836 · Open Vswitch+7 · Openvswitch+7

Jonas Rudloff

·

Published

2020-09-22

·

Updated

2025-03-17

·

CVE-2020-27827

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: OpenvSwitch versions (affected versions not specified)
Description: A flaw was found in OpenvSwitch related to the implementation of the LLDP protocol. Specially crafted LLDP packets can cause memory loss when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

ALSA-2024:9158
ALT-PU-2021-1061
ALT-PU-2021-1177
ALT-PU-2021-1349
ALT-PU-2021-1375
ALT-PU-2021-1483
ALT-PU-2021-2054
AZL-10443
BDU:2021-01805
CVE-2020-27827
DLA-2571-1
DLA-3389-1
DSA-4836-1
INFSA-2024_9158
OESA-2021-1179
OPENSUSE-SU-2021:0239-1
OPENSUSE-SU-2021_0239-1
OPENSUSE-SU-2024:11024-1
OPENSUSE-SU-2024:11129-1
RHSA-2021:0497
RHSA-2021:0834
RHSA-2021:0835
RHSA-2021:0837
RHSA-2021:0976
RHSA-2021:1050
RHSA-2021:1051
RHSA-2021:2077
RHSA-2021:2456
RHSA-2024:9158
RHSA-2024_9158
RLSA-2024:9158
SUSE-SU-2021:0258-1
SUSE-SU-2021:0276-1
SUSE-SU-2021:0277-1
SUSE-SU-2021:0284-1
SUSE-SU-2021:0297-1
SUSE-SU-2021:0298-1
SUSE-SU-2021:0300-1
SUSE-SU-2021_0258-1
SUSE-SU-2021_0276-1
SUSE-SU-2021_0277-1
SUSE-SU-2021_0284-1
SUSE-SU-2021_0297-1
SUSE-SU-2021_0298-1
SUSE-SU-2021_0300-1
USN-4691-1

Affected Products

Alt Linux
Almalinux
Linuxmint
Openvswitch
Red Hat
Rocky Linux
Suse
Ubuntu