An openvswitch security update has been released for Arch Linux.

ASA-202101-28: openvswitch: multiple issues

Arch Linux Security Advisory ASA-202101-28
==========================================

Severity: Medium
Date    : 2021-01-20
CVE-ID  : CVE-2015-8011 CVE-2020-27827
Package : openvswitch
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-1456

Summary
=======
The package openvswitch before version 2.14.1-1 is vulnerable to
multiple issues including arbitrary code execution and information
disclosure.

Resolution
==========
Upgrade to 2.14.1-1.

# pacman -Syu "openvswitch>=2.14.1-1"

The problems have been fixed upstream in version 2.14.1.

Workaround
==========
None.

Description
===========
- CVE-2015-8011 (arbitrary code execution)

A buffer overflow in the lldp_decode function in
daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers
to cause a denial of service (daemon crash) and possibly execute
arbitrary code via vectors involving large management addresses and TLV
boundaries.

- CVE-2020-27827 (information disclosure)

A security issue was found in lldpd before version 1.0.8. A packet that
contains multiple instances of certain TLVs will cause lldpd to
continually allocate memory and leak the old memory. As an example,
multiple instances of system name TLV will cause old values to be
dropped by the decoding routine.
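As an added illustration of the two defect classes described above (example code written for this advisory, not lldpd's or Open vSwitch's own decoder): a simplified LLDP TLV decoder that frees the previous System Name copy before replacing it and bounds a Management Address copy by both the TLV boundary and the destination buffer. TLV types 5 and 8 and the 2-byte header layout follow the IEEE 802.1AB TLV format; the struct, function names and the two constructed frames are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
struct lldp_state {             /* constructed state, not lldpd's own structures */
    char *sysname;              /* latest System Name TLV, heap-owned */
    uint8_t mgmt_addr[32];      /* subtype + address; 802.1AB caps the address at 31 octets */
    size_t mgmt_addr_len;
};

/* Decode an LLDPDU body of TLVs (2-byte header: 7-bit type, 9-bit length).
 * Returns 0 on success, -1 on a malformed frame; nothing is copied on -1. */
int lldp_decode_example(struct lldp_state *st, const uint8_t *buf, size_t len)
{
    for (size_t off = 0; off + 2 <= len;) {
        unsigned type = buf[off] >> 1;
        size_t tlv_len = ((size_t)(buf[off] & 1) << 8) | buf[off + 1];
        off += 2;
        if (tlv_len > len - off) return -1;     /* TLV boundary lies outside the frame */
        const uint8_t *val = buf + off;
        if (type == 0) break;                   /* End Of LLDPDU */
        if (type == 5) {                        /* System Name, possibly repeated by a peer */
            char *copy = malloc(tlv_len + 1);
            if (!copy) return -1;
            memcpy(copy, val, tlv_len);
            copy[tlv_len] = '\0';
            free(st->sysname);                  /* skipping this free is the CVE-2020-27827 leak */
            st->sysname = copy;
        } else if (type == 8) {                 /* Management Address */
            size_t alen = tlv_len ? val[0] : 0; /* address string length, incl. subtype byte */
            /* bound the copy by the TLV first, then by the destination (CVE-2015-8011 class) */
            if (alen < 2 || alen > tlv_len - 1 || alen > sizeof st->mgmt_addr) return -1;
            memcpy(st->mgmt_addr, val + 1, alen);
            st->mgmt_addr_len = alen;
        }
        off += tlv_len;
    }
    return 0;
}

/* Constructed frames: A = System Name "sw-a", then "sw-b", then End; B = Management Address
 * TLV claiming a 32-byte address inside a 6-byte value. Returns 1 when "sw-b" wins in A
 * (the "sw-a" copy freed first) and B is rejected with nothing copied. */
int demo_decode(void)
{
    static const uint8_t A[] = {0x0a,4,'s','w','-','a', 0x0a,4,'s','w','-','b', 0,0};
    static const uint8_t B[] = {0x10,6, 0x20,1,10,0,0,1, 0,0};
    struct lldp_state st = {0}, st2 = {0};
    int ok = lldp_decode_example(&st, A, sizeof A) == 0 && strcmp(st.sysname, "sw-b") == 0;
    free(st.sysname);
    return ok && lldp_decode_example(&st2, B, sizeof B) == -1 && st2.mgmt_addr_len == 0;
}
```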

Impact
======
A remote attacker can leak information or possibly execute arbitrary
code through crafted packets.

References
==========
  https://www.openwall.com/lists/oss-security/2015/10/16/2
  https://github.com/lldpd/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2
  https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000268.html
  https://github.com/openvswitch/ovs/pull/335
  https://github.com/openvswitch/ovs/commit/ec51fc90669e5fe1a2096581296d55b3acda6711
  https://github.com/lldpd/lldpd/blob/master/NEWS
  https://github.com/lldpd/lldpd/commit/a8d3c90feca548fc0656d95b5d278713db86ff61
  https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000269.html
  https://github.com/openvswitch/ovs/pull/337
  https://github.com/openvswitch/ovs/commit/f915f32f5667e3b9d460055d8b47fa5d204ce83a
  https://security.archlinux.org/CVE-2015-8011
  https://security.archlinux.org/CVE-2020-27827