VDB
CVE-2020-27827
CVE-2020-27827
PUBLISHED
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.
EPSS 0.50% · 66.6th percentile
Risk Scores
EPSS Score
0.50%
66.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:18.04:LTS | lldpd | 0, 0.9.8-1, 0.9.9-1 |
| Ubuntu:20.04:LTS | lldpd | 0, 1.0.4-1, 1.0.4-1build1 |
| Ubuntu:20.04:LTS | openvswitch | 2.13.0~git20200127.dbdf66c29-0ubuntu2, 2.12.90~git20200107.af683565b-0ubuntu2, 2.12.90~git20200107.af683565b-0ubuntu3 |
| Ubuntu:25.10 | lldpd | 1.0.18-1build3, 1.0.18-1build4, 0 |
| Ubuntu:16.04:LTS | lldpd | 0, 0.7.16-1, 0.7.19-1 |
| Ubuntu:22.04:LTS | lldpd | 1.0.11-1, 1.0.12-1, 1.0.13-1 |
| Ubuntu:24.04:LTS | lldpd | 1.0.18-1, 1.0.18-1build3, 0 |
| Ubuntu:18.04:LTS | openvswitch | 2.9.5-0ubuntu0.18.04.1, 2.8.1-0ubuntu2, 0 |
| Ubuntu:16.04:LTS | openvswitch | 2.5.2-0ubuntu0.16.04.1, 2.4.0-0ubuntu4, 2.5.4-0ubuntu0.16.04.1 |
Exploit Intelligence
- CVE-2022-32250.yara (github-yara)
- CVE-2022-32250.yara (github-yara)
- CVE-2022-32250.yara (github-yara)
- CVE-2022-32250.yara (github-yara)
- CVE-2022-32250.yara (github-yara)
- CVE-2022-32250.yara (github-yara)
- CVE-2022-32250.yara (github-yara)
- CVE-2022-32250.yara (github-yara)
Timeline
- Jan 13, 2021 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2020-27827 third-party-advisory
- https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000269.html third-party-advisory
- https://ubuntu.com/security/notices/USN-4691-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-27827 third-party-advisory