[ovs-git] [openvswitch/ovs] cf36f8: lldp: do not leak memory on multiple instances of ...
Aaron Conole
noreply at github.com
Wed Jan 13 16:18:13 UTC 2021
Branch: refs/heads/branch-2.7
Home: https://github.com/openvswitch/ovs
Commit: cf36f86669041ff1caca7c85f922e184892425b6
https://github.com/openvswitch/ovs/commit/cf36f86669041ff1caca7c85f922e184892425b6
Author: Aaron Conole <aconole at redhat.com>
Date: 2021-01-13 (Wed, 13 Jan 2021)
Changed paths:
M lib/lldp/lldp.c
Log Message:
-----------
lldp: do not leak memory on multiple instances of TLVs
Upstream commit:
commit a8d3c90feca548fc0656d95b5d278713db86ff61
Date: Tue, 17 Nov 2020 09:28:17 -0500
lldp: avoid memory leak from bad packets
A packet that contains multiple instances of certain TLVs will cause
lldpd to continually allocate memory and leak the old memory. As an
example, multiple instances of system name TLV will cause old values
to be dropped by the decoding routine.
Reported-at: https://github.com/openvswitch/ovs/pull/337
Reported-by: Jonas Rudloff <jonas.t.rudloff at gmail.com>
Signed-off-by: Aaron Conole <aconole at redhat.com>
Vulnerability: CVE-2020-27827
Signed-off-by: Aaron Conole <aconole at redhat.com>
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>
More information about the git
mailing list