oss-sec mailing list archives
Re: CVE request: lldpd crash in lldp_decode due large management address
From: Florian Weimer <fw () deneb enyo de>
Date: Sun, 18 Oct 2015 21:42:53 +0200
* Florian Weimer:
Upstream commit:

<https://github.com/vincentbernat/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2>

If compiled with effective source fortification, the vulnerability is just a crash and not exploitable for anything else, as a result of the compiler-emitted length check for memcpy inside the PEEK_BYTES macro.

There is also another fix, an improper assert leading to a daemon crash:

https://github.com/vincentbernat/lldpd/commit/793526f8884455f43daecd0a2c46772388417a00

This probably needs a separate CVE ID.
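
As an added illustration (not part of the original post and not lldpd's code): a length-checked decoder for the value of an LLDP Management Address TLV, which rejects an oversized address before the copy instead of depending on a fortified memcpy to abort the process. The struct, function name and sample byte arrays are hypothetical and constructed for this example; the field layout and size limits are those of IEEE 802.1AB.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MGMT_ADDR_MAX 31  /* 802.1AB: management address is 1..31 octets */
#define MGMT_OID_MAX 128  /* 802.1AB: OID string is 0..128 octets */

struct mgmt_addr {        /* hypothetical result type for this example */
    uint8_t  subtype;     /* IANA address family number */
    uint8_t  addr[MGMT_ADDR_MAX];
    size_t   addr_len;
    uint8_t  if_subtype;
    uint32_t if_number;
};

/* Constructed sample TLV values (contents after the type/length header). */
const uint8_t sample_ok[] = {5, 1, 192, 0, 2, 1, 2, 0, 0, 0, 3, 0};
const uint8_t sample_oversized[] = {0xff, 1, 0x41, 0x41};  /* length byte 255 */
const uint8_t sample_truncated[] = {5, 1, 192, 0};         /* claims 5, has 3 */

/* Returns 0 on success, -1 when a length field is inconsistent. */
int parse_mgmt_addr(const uint8_t *v, size_t vlen, struct mgmt_addr *out)
{
    size_t pos = 0, str_len, oid_len;

    if (vlen < 1) return -1;
    str_len = v[pos++];                     /* counts subtype + address */
    if (str_len < 2 || str_len - 1 > MGMT_ADDR_MAX) return -1;
    if (str_len > vlen - pos) return -1;    /* longer than the TLV itself */
    out->subtype = v[pos++];
    out->addr_len = str_len - 1;
    memcpy(out->addr, v + pos, out->addr_len);  /* addr_len <= sizeof addr */
    pos += out->addr_len;

    if (vlen - pos < 6) return -1;  /* if subtype + if number + OID length */
    out->if_subtype = v[pos++];
    out->if_number = ((uint32_t)v[pos] << 24) | ((uint32_t)v[pos + 1] << 16) |
                     ((uint32_t)v[pos + 2] << 8) | v[pos + 3];
    pos += 4;
    oid_len = v[pos++];
    if (oid_len > MGMT_OID_MAX || oid_len > vlen - pos) return -1;
    return 0;
}

int main(void)
{
    struct mgmt_addr m;
    return parse_mgmt_addr(sample_ok, sizeof sample_ok, &m);
}
```

With the explicit checks, a frame carrying an inconsistent length is dropped with an error return and the daemon keeps running, whereas a fortified memcpy can only terminate it.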