{"id":"CVE-2020-27827","details":"A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.","modified":"2026-03-20T11:36:09.072062Z","published":"2021-03-18T17:15:13.510Z","related":["ALSA-2024:9158","SUSE-SU-2021:0258-1","SUSE-SU-2021:0276-1","SUSE-SU-2021:0277-1","SUSE-SU-2021:0284-1","SUSE-SU-2021:0297-1","SUSE-SU-2021:0298-1","SUSE-SU-2021:0300-1","openSUSE-SU-2021:0239-1","openSUSE-SU-2024:11024-1","openSUSE-SU-2024:11129-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3T5XHPOGIPWCRRPJUE6P3HVC5PTSD5JS/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JYA4AMJXCNF6UPFG36L2TPPT32C242SP/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKQWHG2SZJZSGC7PXVDAEJYBN7ESDR7D/"},{"type":"ADVISORY","url":"https://mail.openvswitch.org/pipermail/ovs-dev/2021-January/379471.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202311-16"},{"type":"ADVISORY","url":"https://us-cert.cisa.gov/ics/advisories/icsa-21-194-07"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1921438"},{"type":"FIX","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-941426.pdf"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openvswitch/ovs","events":[{"introduced":"7a0f907b2393626dac1387617355990eab69aef7"},{"fixed":"2a83d1761086d724e405e0d5ebb901416606cd1b"},{"introduced":"c298ef781c2d35d939fe163cbc2f41ea7b1cb8d1"},{"fixed":"ef9c2553d08494421fac9f64e3998bf015030b5c"},{"introduced":"4fbe77d8deebd8e98953cd2c74051bb23a19af72"},{"fixed":"938626b12f325c98c330f4b7ab655625299d27f8"},{"introduced":"bd916d13dbb845746983a6780da772154df647ba"},{"fixed":"2a310d6161d317cb4c4d1aae18ade0302c7bc6fa"},{"introduced":"5563e309b80bbea9bff538e71ecfd7e5e538bab9"},{"fixed":"4518fdabe1469af9cf2ea28786c1320a5d1d3b11"},{"introduced":"997f2b583f49d1a52b41958b88acf4f23a49eba6"},{"fixed":"634e6e41cd4475e0d63bbbd9095fcb0b45d29f49"},{"introduced":"6beb94976e2b3e0c51430b63214de14186d8db39"},{"fixed":"9eb440e681ac354654517b204b86eec4eb282037"},{"introduced":"71d553b995d0bd527d3ab1e9fbaf5a2ae34de2f3"},{"fixed":"e8ca01410265f982abe6b852632af9860806233a"},{"introduced":"29c7b4518fb5834e3f432f1c8864df8e95e1506c"},{"fixed":"f8ea6e0cab75f8f6675272fff6d99191150bb1cb"},{"introduced":"0"},{"fixed":"f9b9c7a68dc4c5eefb100b8b4d0e024b5ce87f2a"}],"database_specific":{"versions":[{"introduced":"2.6.0"},{"fixed":"2.6.9"},{"introduced":"2.7.0"},{"fixed":"2.7.12"},{"introduced":"2.8.0"},{"fixed":"2.8.10"},{"introduced":"2.9.0"},{"fixed":"2.9.8"},{"introduced":"2.10.0"},{"fixed":"2.10.6"},{"introduced":"2.11.0"},{"fixed":"2.11.5"},{"introduced":"2.12.0"},{"fixed":"2.12.2"},{"introduced":"2.13.0"},{"fixed":"2.13.2"},{"introduced":"2.14.0"},{"fixed":"2.14.1"},{"introduced":"0"},{"fixed":"2.0.1"}]}},{"type":"GIT","repo":"https://github.com/vincentbernat/lldpd","events":[{"introduced":"0"},{"fixed":"0a251e25f60cf6dc71a122495601e18288387037"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.0.8"}]}}],"versions":["0.2","0.2.1","0.3","0.3.1","0.3.2","0.4.0","0.5.0","0.5.1","0.5.2","0.5.4","0.5.5","0.6.0","0.6.1","0.7.0","0.7.1","0.7.10","0.7.11","0.7.12","0.7.13","0.7.14","0.7.15","0.7.16","0.7.2","0.7.3","0.7.4","0.7.5","0.7.6","0.7.7","0.7.8","0.7.9","0.8.0","0.9.0","0.9.1","0.9.2","0.9.3","0.9.4","0.9.5","0.9.6","0.9.7","0.9.8","0.9.9","1.0.0","1.0.1","1.0.2","1.0.3","1.0.4","1.0.5","1.0.6","1.0.7","v2.10.0","v2.10.1","v2.10.2","v2.10.3","v2.10.4","v2.10.5","v2.11.0","v2.11.1","v2.11.2","v2.11.3","v2.11.4","v2.12.0","v2.12.1","v2.13.0","v2.13.1","v2.14.0","v2.6.0","v2.6.1","v2.6.2","v2.6.3","v2.6.4","v2.6.5","v2.6.6","v2.6.7","v2.6.8","v2.7.0","v2.7.1","v2.7.10","v2.7.11","v2.7.2","v2.7.3","v2.7.4","v2.7.5","v2.7.6","v2.7.7","v2.7.8","v2.7.9","v2.8.0","v2.8.1","v2.8.2","v2.8.3","v2.8.4","v2.8.5","v2.8.6","v2.8.7","v2.8.8","v2.8.9","v2.9.0","v2.9.1","v2.9.2","v2.9.3","v2.9.4","v2.9.5","v2.9.6","v2.9.7"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-27827.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"10"}]},{"events":[{"introduced":"0"},{"last_affected":"13"}]},{"events":[{"introduced":"0"},{"last_affected":"4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"33"}]},{"events":[{"introduced":"0"},{"fixed":"17"}]},{"events":[{"introduced":"0"},{"fixed":"2.2"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}