CVE-2020-27827

HIGH

Description

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1921438

https://mail.openvswitch.org/pipermail/ovs-dev/2021-January/379471.html

Details

Source: MITRE

Published: 2021-03-18

Updated: 2021-03-29

Type: CWE-400

Risk Information

CVSS v2.0

Base Score: 7.1

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 8.6

Severity: HIGH

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Tenable Plugins

View all (20 total)

IDNameProductFamilySeverity
148342Photon OS 3.0: Openvswitch PHSA-2021-3.0-0215NessusPhotonOS Local Security Checks
high
148257RHEL 7 : openvswitch2.11 (RHSA-2021:1050)NessusRed Hat Local Security Checks
high
148256RHEL 7 : RHV-H enhancement and security update (redhat-virtualization-host) 4.3.14 (Moderate) (RHSA-2021:1051)NessusRed Hat Local Security Checks
high
148032RHEL 8 : Red Hat Virtualization Host security, bug fix and enhancement update (4.4.4-2) (Moderate) (RHSA-2021:0976)NessusRed Hat Local Security Checks
high
147810RHEL 7 : openvswitch2.11 (RHSA-2021:0834)NessusRed Hat Local Security Checks
high
147807RHEL 8 : openvswitch2.11 (RHSA-2021:0837)NessusRed Hat Local Security Checks
high
147806RHEL 7 : openvswitch2.13 (RHSA-2021:0835)NessusRed Hat Local Security Checks
high
147151Fedora 33 : 2:dpdk / openvswitch (2021-fba11d37ee)NessusFedora Local Security Checks
medium
146677Debian DLA-2571-1 : openvswitch security updateNessusDebian Local Security Checks
high
146439RHEL 8 : openvswitch2.13 (RHSA-2021:0497)NessusRed Hat Local Security Checks
high
146287openSUSE Security Update : openvswitch (openSUSE-2021-239)NessusSuSE Local Security Checks
high
146187SUSE SLES12 Security Update : openvswitch (SUSE-SU-2021:0298-1)NessusSuSE Local Security Checks
high
146174SUSE SLES15 Security Update : openvswitch (SUSE-SU-2021:0277-1)NessusSuSE Local Security Checks
high
146170SUSE SLES12 Security Update : openvswitch (SUSE-SU-2021:0297-1)NessusSuSE Local Security Checks
high
146141SUSE SLES12 Security Update : openvswitch (SUSE-SU-2021:0276-1)NessusSuSE Local Security Checks
high
146135SUSE SLES12 Security Update : openvswitch (SUSE-SU-2021:0284-1)NessusSuSE Local Security Checks
high
146111SUSE SLED15 / SLES15 Security Update : openvswitch (SUSE-SU-2021:0300-1)NessusSuSE Local Security Checks
high
146050SUSE SLED15 / SLES15 Security Update : openvswitch (SUSE-SU-2021:0258-1)NessusSuSE Local Security Checks
high
145309Debian DSA-4836-1 : openvswitch - security updateNessusDebian Local Security Checks
medium
144943Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 : Open vSwitch vulnerabilities (USN-4691-1)NessusUbuntu Local Security Checks
medium