CVE-2021-43612 Information

Description

In lldpd before 1.0.13 when decoding SONMP packets in the sonmp_decode function it’s possible to trigger an out-of-bounds heap read via short SONMP packets.

Reference

https://lldpd.github.io/security.html https://github.com/lldpd/lldpd/commit/73d42680fce8598324364dbb31b9bc3b8320adf7 https://github.com/lldpd/lldpd/compare/1.0.12…1.0.13