← Back

CVE-2020-27827

nvd nist
Published: Mar 18, 2021Modified: Dec 3, 2025

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.

Affected (27)

Show all products
Lldpd Project: Lldpd · Openvswitch: Openvswitch · Redhat: Enterprise Linux, Openshift Container Platform, Openstack, Virtualization · Fedoraproject: Fedora · Siemens: Simatic Hmi Unified Comfort Panels Firmware, Simatic Net Cp 1243 1 Firmware, Simatic Net Cp 1243 8 Irc Firmware, Simatic Net Cp 1542sp 1 Firmware, Simatic Net Cp 1542sp 1 Irc Firmware, Simatic Net Cp 1543 1 Firmware, Simatic Net Cp 1543sp 1 Firmware, Simatic Net Cp 1545 1 Firmware, Tim 1531 Irc Firmware, Sinumerik One Firmware
Lldpd Project
1 product
Lldpd
Openvswitch
1 product
Openvswitch
Redhat
4 products
Enterprise Linux
Openshift Container Platform
Openstack
Virtualization
Fedoraproject
1 product
Fedora
Siemens
10 products
Simatic Hmi Unified Comfort Panels Firmware
Simatic Net Cp 1243 1 Firmware
Simatic Net Cp 1243 8 Irc Firmware
Simatic Net Cp 1542sp 1 Firmware
Simatic Net Cp 1542sp 1 Irc Firmware
Simatic Net Cp 1543 1 Firmware
Simatic Net Cp 1543sp 1 Firmware
Simatic Net Cp 1545 1 Firmware
Tim 1531 Irc Firmware
Sinumerik One Firmware
Configuration A
10 vulnerable
Vulnerable SoftwareAffected Versions
Lldpd
Before 1.0.8
Openvswitch
Openvswitch
From 2.10.0 to 2.10.6
Openvswitch
From 2.11.0 to 2.11.5
Openvswitch
From 2.12.0 to 2.12.2
Openvswitch
From 2.13.0 to 2.13.2
Openvswitch
From 2.14.0 to 2.14.1
Openvswitch
From 2.6.0 to 2.6.9
Openvswitch
From 2.7.0 to 2.7.12
Openvswitch
From 2.8.0 to 2.8.10
Openvswitch
From 2.9.0 to 2.9.8
Configuration B
6 vulnerable
Vulnerable SoftwareAffected Versions
Redhat
Enterprise Linux
Version 7.0
Enterprise Linux
Version 8.0
Openshift Container Platform
Version 4.0
Redhat
Openstack
Version 10
Openstack
Version 13
Virtualization
Version 4.0
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Fedora
Version 33
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Simatic Hmi Unified Comfort Panels Firmware
Before 17
Running on/withPlatform Versions
Siemens
Simatic Hmi Unified Comfort Panels
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Simatic Net Cp 1243 1 Firmware
All versions
Running on/withPlatform Versions
Siemens
Simatic Net Cp 1243 1
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Simatic Net Cp 1243 8 Irc Firmware
All versions
Running on/withPlatform Versions
Siemens
Simatic Net Cp 1243 8 Irc
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Simatic Net Cp 1542sp 1 Firmware
All versions
Running on/withPlatform Versions
Siemens
Simatic Net Cp 1542sp 1
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Simatic Net Cp 1542sp 1 Irc Firmware
All versions
Running on/withPlatform Versions
Siemens
Simatic Net Cp 1542sp 1 Irc
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Simatic Net Cp 1543 1 Firmware
All versions
Running on/withPlatform Versions
Siemens
Simatic Net Cp 1543 1
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Simatic Net Cp 1543sp 1 Firmware
All versions
Running on/withPlatform Versions
Siemens
Simatic Net Cp 1543sp 1
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Simatic Net Cp 1545 1 Firmware
All versions
Running on/withPlatform Versions
Siemens
Simatic Net Cp 1545 1
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Tim 1531 Irc Firmware
Before 2.2
Running on/withPlatform Versions
Siemens
Tim 1531 Irc
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sinumerik One Firmware
Before 2.0.1
Running on/withPlatform Versions
Siemens
Sinumerik One
All versions

Related CWEs

CWE-400
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (16)

Source: secalert@redhat.com
Issue TrackingMitigationPatchThird Party Advisory
Source: secalert@redhat.com
PatchThird Party Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Mailing ListMitigationVendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingMitigationPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListMitigationVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource

Timeline

No history available yet.