CVE-2015-8011 - log back

CVE-2015-8011 edited at 14 Jan 2021 21:58:22
References
https://www.openwall.com/lists/oss-security/2015/10/16/2
+ https://github.com/lldpd/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2
https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000268.html
- https://github.com/lldpd/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2
+ https://github.com/openvswitch/ovs/pull/335
+ https://github.com/openvswitch/ovs/commit/ec51fc90669e5fe1a2096581296d55b3acda6711
CVE-2015-8011 edited at 14 Jan 2021 21:48:31
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ A buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries.
References
+ https://www.openwall.com/lists/oss-security/2015/10/16/2
+ https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000268.html
+ https://github.com/lldpd/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2
Notes
CVE-2015-8011 created at 14 Jan 2021 21:45:31