Lucene search

K
alpinelinuxAlpine Linux Development TeamALPINE:CVE-2023-41910
HistorySep 05, 2023 - 7:15 a.m.

CVE-2023-41910

2023-09-0507:15:14
Alpine Linux Development Team
security.alpinelinux.org
10
vulnerability
lldpd
cdp pdu

EPSS

0.001

Percentile

26.9%

An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdp_decode in daemon/protocols/cdp.c.

OSVersionArchitecturePackageVersionFilename
Alpine3.18-communitynoarchlldpd= 1.0.16-r1UNKNOWN