oss-sec mailing list archives
CVE request: lldpd crash in lldp_decode due large management address
From: Florian Weimer <fw () deneb enyo de>
Date: Fri, 16 Oct 2015 08:05:57 +0200
Upstream commit: <https://github.com/vincentbernat/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2> If compiled with effective source fortification, the vulnerability is just a crash and not exploitable for anything else, as a result of the compiler-emitted length check for memcpy inside the PEEK_BYTES macro.
Current thread:
- CVE request: lldpd crash in lldp_decode due large management address Florian Weimer (Oct 15)
- Re: CVE request: lldpd crash in lldp_decode due large management address Florian Weimer (Oct 18)
- Re: CVE request: lldpd crash in lldp_decode due large management address cve-assign (Oct 29)