"Multiple versions of Open vSwitch are vulnerable to denial of service attacks in which crafted LLDP packets could cause memory to be lost when allocating data to handle specific optional TLVs. Triggering the vulnerability requires LLDP processing to be enabled for a specific port. Open vSwitch versions before 2.5.x are not vulnerable. The Common Vulnerabilities and Exposures project (cve.mitre.org) previously assigned the identifier CVE-2020-27827 to this issue for the `lldpd` project, and the Open vSwitch project."
this is fixed (2.14.1 added and fast stabled with cleanup)
Waiting for bug 769995.
Package list is empty or all packages have requested keywords.