rpm package
opensuse/lldpd&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/lldpd&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-46433 | Med | 6.5 | < 1.0.22-1.1 | 1.0.22-1.1 | Jun 9, 2026 | lldpd is an implementation of IEEE 802.1ab (LLDP). Prior to version 1.0.22, lldpd_decode() in src/daemon/lldpd.c strips 802.1Q VLAN tags from received Ethernet frames by calling memmove() to shift the frame payload 4 bytes left. The third argument (byte count) is s - 2 * ETHER_AD | |
| CVE-2021-43612 | — | < 1.0.13-1.1 | 1.0.13-1.1 | Apr 15, 2023 | In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets. |
- affected < 1.0.22-1.1fixed 1.0.22-1.1
lldpd is an implementation of IEEE 802.1ab (LLDP). Prior to version 1.0.22, lldpd_decode() in src/daemon/lldpd.c strips 802.1Q VLAN tags from received Ethernet frames by calling memmove() to shift the frame payload 4 bytes left. The third argument (byte count) is s - 2 * ETHER_AD
- CVE-2021-43612Apr 15, 2023affected < 1.0.13-1.1fixed 1.0.13-1.1
In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.