CVE-2020-27827

lldp/openvswitch: denial of service via externally triggered memory leak

  • Severity Score: 7.5 (CVSS v3.1)
  • Public Exploits: 0 (Multiple Sources)
  • Exploited in Wild: - (KEV)
  • Decision: - (SSVC)

Descriptions

A flaw was found in multiple versions of Open vSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.

*Credits: N/A
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: None
  • Integrity: None
  • Availability: High

  • Attack Vector: Network
  • Attack Complexity: Medium
  • Authentication: None
  • Confidentiality: None
  • Integrity: None
  • Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2020-10-27 CVE Reserved
  • 2021-01-28 CVE Published
  • 2024-08-04 CVE Updated
  • 2024-08-21 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-400: Uncontrolled Resource Consumption
Affected Vendors, Products, and Versions

| Vendor | Product | Version | Other | Status |
|---|---|---|---|---|
| Siemens | Simatic Hmi Unified Comfort Panels Firmware | < 17 | - | Affected |
| in Siemens | Simatic Hmi Unified Comfort Panels | - | - | Safe |
| Siemens | Simatic Net Cp 1243-1 Firmware | - | - | Affected |
| in Siemens | Simatic Net Cp 1243-1 | - | - | Safe |
| Siemens | Simatic Net Cp 1243-8 Irc Firmware | - | - | Affected |
| in Siemens | Simatic Net Cp 1243-8 Irc | - | - | Safe |
| Siemens | Simatic Net Cp 1542sp-1 Firmware | - | - | Affected |
| in Siemens | Simatic Net Cp 1542sp-1 | - | - | Safe |
| Siemens | Simatic Net Cp 1542sp-1 Irc Firmware | - | - | Affected |
| in Siemens | Simatic Net Cp 1542sp-1 Irc | - | - | Safe |
| Siemens | Simatic Net Cp 1543-1 Firmware | - | - | Affected |
| in Siemens | Simatic Net Cp 1543-1 | - | - | Safe |
| Siemens | Simatic Net Cp 1543sp-1 Firmware | - | - | Affected |
| in Siemens | Simatic Net Cp 1543sp-1 | - | - | Safe |
| Siemens | Simatic Net Cp 1545-1 Firmware | - | - | Affected |
| in Siemens | Simatic Net Cp 1545-1 | - | - | Safe |
| Siemens | Tim 1531 Irc Firmware | < 2.2 | - | Affected |
| in Siemens | Tim 1531 Irc | - | - | Safe |
| Siemens | Sinumerik One Firmware | < 2.0.1 | - | Affected |
| in Siemens | Sinumerik One | - | - | Safe |
| Lldpd Project | Lldpd | < 1.0.8 | - | Affected |
| Openvswitch | Openvswitch | >= 2.6.0 < 2.6.9 | - | Affected |
| Openvswitch | Openvswitch | >= 2.7.0 < 2.7.12 | - | Affected |
| Openvswitch | Openvswitch | >= 2.8.0 < 2.8.10 | - | Affected |
| Openvswitch | Openvswitch | >= 2.9.0 < 2.9.8 | - | Affected |
| Openvswitch | Openvswitch | >= 2.10.0 < 2.10.6 | - | Affected |
| Openvswitch | Openvswitch | >= 2.11.0 < 2.11.5 | - | Affected |
| Openvswitch | Openvswitch | >= 2.12.0 < 2.12.2 | - | Affected |
| Openvswitch | Openvswitch | >= 2.13.0 < 2.13.2 | - | Affected |
| Openvswitch | Openvswitch | >= 2.14.0 < 2.14.1 | - | Affected |
| Redhat | Openshift Container Platform | 4.0 | - | Affected |
| Redhat | Openstack | 10 | - | Affected |
| Redhat | Openstack | 13 | - | Affected |
| Redhat | Virtualization | 4.0 | - | Affected |
| Redhat | Enterprise Linux | 7.0 | - | Affected |
| Redhat | Enterprise Linux | 8.0 | - | Affected |
| Fedoraproject | Fedora | 33 | - | Affected |