A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1921438 | Issue Tracking Mitigation Patch Third Party Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-941426.pdf | Patch Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3T5XHPOGIPWCRRPJUE6P3HVC5PTSD5JS/ | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JYA4AMJXCNF6UPFG36L2TPPT32C242SP/ | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKQWHG2SZJZSGC7PXVDAEJYBN7ESDR7D/ | |
https://mail.openvswitch.org/pipermail/ovs-dev/2021-January/379471.html | Mailing List Mitigation Vendor Advisory |
https://security.gentoo.org/glsa/202311-16 | |
https://us-cert.cisa.gov/ics/advisories/icsa-21-194-07 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
History
26 Nov 2023, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Nov 2023, 03:21
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-400 | |
References |
|
|
20 Apr 2023, 07:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Apr 2023, 04:15
Type | Values Removed | Values Added |
---|---|---|
CWE | ||
References |
|
07 Oct 2022, 02:53
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://us-cert.cisa.gov/ics/advisories/icsa-21-194-07 - Third Party Advisory, US Government Resource | |
References | (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-941426.pdf - Patch, Third Party Advisory | |
CPE | cpe:2.3:h:siemens:simatic_net_cp_1543-1:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_hmi_unified_comfort_panels:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:sinumerik_one_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_unified_comfort_panels_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_net_cp_1243-8_irc:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_net_cp_1243-1_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_net_cp_1545-1_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_net_cp_1243-8_irc_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_net_cp_1542sp-1_irc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_net_cp_1243-1:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_net_cp_1543sp-1:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_net_cp_1543sp-1_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_net_cp_1543-1_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:sinumerik_one:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_irc_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_net_cp_1545-1:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_net_cp_1542sp-1:-:*:*:*:*:*:*:* |
|
First Time |
Siemens simatic Net Cp 1543sp-1
Siemens simatic Net Cp 1543sp-1 Firmware Siemens simatic Net Cp 1243-8 Irc Siemens simatic Hmi Unified Comfort Panels Firmware Siemens tim 1531 Irc Firmware Siemens sinumerik One Siemens Siemens simatic Net Cp 1243-1 Siemens simatic Net Cp 1545-1 Siemens simatic Net Cp 1545-1 Firmware Siemens sinumerik One Firmware Siemens simatic Hmi Unified Comfort Panels Siemens simatic Net Cp 1542sp-1 Siemens tim 1531 Irc Siemens simatic Net Cp 1243-8 Irc Firmware Siemens simatic Net Cp 1543-1 Firmware Siemens simatic Net Cp 1542sp-1 Irc Firmware Siemens simatic Net Cp 1542sp-1 Firmware Siemens simatic Net Cp 1243-1 Firmware Siemens simatic Net Cp 1542sp-1 Irc Siemens simatic Net Cp 1543-1 |
04 Aug 2021, 17:14
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:* | |
References |
|
02 Aug 2021, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
29 Mar 2021, 20:33
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:* cpe:2.3:a:redhat:openstack:13.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:* cpe:2.3:a:lldpd_project:lldpd:*:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* |
|
References | (MISC) https://mail.openvswitch.org/pipermail/ovs-dev/2021-January/379471.html - Mailing List, Mitigation, Vendor Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1921438 - Issue Tracking, Mitigation, Patch, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.1
v3 : 7.5 |
18 Mar 2021, 17:37
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-03-18 17:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-27827
Mitre link : CVE-2020-27827
CVE.ORG link : CVE-2020-27827
JSON object : View
Products Affected
siemens
- simatic_net_cp_1543-1
- simatic_net_cp_1243-1_firmware
- tim_1531_irc
- sinumerik_one
- simatic_net_cp_1543sp-1
- simatic_hmi_unified_comfort_panels_firmware
- simatic_net_cp_1542sp-1
- simatic_net_cp_1243-8_irc
- simatic_hmi_unified_comfort_panels
- simatic_net_cp_1543sp-1_firmware
- tim_1531_irc_firmware
- sinumerik_one_firmware
- simatic_net_cp_1545-1_firmware
- simatic_net_cp_1542sp-1_irc_firmware
- simatic_net_cp_1543-1_firmware
- simatic_net_cp_1542sp-1_firmware
- simatic_net_cp_1542sp-1_irc
- simatic_net_cp_1545-1
- simatic_net_cp_1243-1
- simatic_net_cp_1243-8_irc_firmware
redhat
- virtualization
- enterprise_linux
- openstack
- openshift_container_platform
lldpd_project
- lldpd
fedoraproject
- fedora
openvswitch
- openvswitch
CWE
CWE-400
Uncontrolled Resource Consumption