---
title: Security
---

`lldpd` contains several security features to mitigate vulnerabilities
(privilege separation, chrooted process, …). If you wish to report a
security issue, either open an [issue on GitHub][] or [mail me][]
directly.

# Past vulnerabilities

* [CVE-2020-27827][]: memory exhaustion attack through crafted LLDPU
  with some duplicate TLVs. A remote device can send an LLDPU with a
  duplicate port description, system name, or system description TLV.
  The vulnerability does not allow arbitrary code execution. This bug
  has been present since the initial release. It has been fixed in
  commit [a8d3c90f][] and in version 1.0.8.

* [CVE-2015-8011][]: buffer overflow when handling the management
  address TLV for LLDP. When a remote device was advertising an
  oversized management address while still respecting TLV boundaries,
  lldpd would crash due to a buffer overflow. This vulnerability
  affects the parser, which runs in an unprivileged and chrooted
  process. It does not allow arbitrary code execution unless hardening
  has been specifically disabled. This bug was introduced in version
  0.6.0. It has been fixed in commit [dd4f16e7][] and in version
  0.7.19.

* [CVE-2015-8012][]: crash on malformed management address. When a
  remote device was advertising a malformed management address, lldpd
  would crash with an assertion error. This vulnerability affects the
  parser, which runs in an unprivileged and chrooted process. It does
  not allow arbitrary code execution. This bug was introduced in
  version 0.6.0. It has been fixed in commit [793526f8][] and in
  version 0.7.19.

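Both 2015 issues stem from trusting the length fields embedded in a management address TLV. As an added illustration (not lldpd's own code), the C parser below checks each embedded length against the TLV boundary and against the receiver's own buffer, so an address that fits inside the TLV but not in the buffer is rejected instead of copied; the 31-octet buffer size and the constructed sample TLVs are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Receiver-side buffer for address octets. IEEE 802.1AB allows an address
 * string (subtype + address) of 2..32 octets; 31 is an assumption here. */
#define MGMT_ADDR_MAX 31

struct mgmt_addr {
    uint8_t subtype;
    uint8_t len;                 /* address octets actually stored */
    uint8_t addr[MGMT_ADDR_MAX];
};

/* Parse the value field of a Management Address TLV (type 8).
 * Returns 1 on success, 0 on malformed or oversized input. Each embedded
 * length is checked against the TLV boundary *and* the destination buffer. */
int parse_mgmt_addr_tlv(const uint8_t *tlv, size_t tlv_len, struct mgmt_addr *out)
{
    size_t pos = 0;
    if (tlv_len < 1) return 0;
    uint8_t addr_str_len = tlv[pos++];                 /* subtype + address */
    if (addr_str_len < 2 || addr_str_len - 1 > MGMT_ADDR_MAX) return 0;
    if (tlv_len - pos < addr_str_len) return 0;        /* must fit in the TLV */
    out->subtype = tlv[pos++];
    out->len = addr_str_len - 1;
    memcpy(out->addr, tlv + pos, out->len);
    pos += out->len;
    /* interface numbering subtype (1) + interface number (4) + OID length (1) */
    if (tlv_len - pos < 6) return 0;
    pos += 5;
    uint8_t oid_len = tlv[pos++];
    if (oid_len > 128 || tlv_len - pos < oid_len) return 0;  /* 802.1AB: 0..128 */
    return 1;
}

/* Constructed sample TLV values (not captured traffic). Returns the number
 * of address octets stored, or -1 when the parser rejects the TLV. which:
 * 0 = valid IPv4, 1 = 49-octet address inside the TLV but over the buffer,
 * 2 = TLV truncated mid-address (the malformed case). */
int parse_sample(int which)
{
    static const uint8_t ok[] = {5, 1, 192, 168, 1, 1, 2, 0, 0, 0, 1, 0};
    static const uint8_t truncated[] = {5, 1, 192, 168};
    uint8_t big[1 + 50 + 6] = {50, 1};   /* remaining octets zero-filled */
    struct mgmt_addr m; int rc;
    if (which == 0)      rc = parse_mgmt_addr_tlv(ok, sizeof ok, &m);
    else if (which == 1) rc = parse_mgmt_addr_tlv(big, sizeof big, &m);
    else                 rc = parse_mgmt_addr_tlv(truncated, sizeof truncated, &m);
    return rc ? (int)m.len : -1;
}
```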
[issue on GitHub]: https://github.com/lldpd/lldpd/issues/new
[mail me]: mailto:vincent@bernat.ch
[CVE-2015-8011]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8011
[CVE-2015-8012]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8012
[CVE-2020-27827]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27827
[dd4f16e7]: https://github.com/lldpd/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2
[793526f8]: https://github.com/lldpd/lldpd/commit/793526f8884455f43daecd0a2c46772388417a00
[a8d3c90f]: https://github.com/lldpd/lldpd/commit/a8d3c90feca548fc0656d95b5d278713db86ff61

{# Local Variables: #}
{# mode: markdown #}
{# indent-tabs-mode: nil #}
{# End: #}