VYPR

rpm package

opensuse/lldpd&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/lldpd&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2026-46433MedJun 9, 2026
    affected < 1.0.22-1.1fixed 1.0.22-1.1

    lldpd is an implementation of IEEE 802.1ab (LLDP). Prior to version 1.0.22, lldpd_decode() in src/daemon/lldpd.c strips 802.1Q VLAN tags from received Ethernet frames by calling memmove() to shift the frame payload 4 bytes left. The third argument (byte count) is s - 2 * ETHER_AD

  • CVE-2021-43612Apr 15, 2023
    affected < 1.0.13-1.1fixed 1.0.13-1.1

    In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.