Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-41910HistorySep 05, 2023 - 7:15 a.m.
CVE-2023-41910
2023-09-0507:15:14
Debian Security Bug Tracker
security-tracker.debian.org
5
lldpd
remote attack
heap memory
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
31.5%
An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdp_decode in daemon/protocols/cdp.c.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | lldpd | < 1.0.16-1+deb12u1 | lldpd_1.0.16-1+deb12u1_all.deb |
| Debian | 11 | all | lldpd | < 1.0.11-1+deb11u2 | lldpd_1.0.11-1+deb11u2_all.deb |
| Debian | 999 | all | lldpd | < 1.0.17-1 | lldpd_1.0.17-1_all.deb |
| Debian | 13 | all | lldpd | < 1.0.17-1 | lldpd_1.0.17-1_all.deb |
Related
nessus
nessus
Debian DSA-5505-1 : lldpd - security update
2023-09-26 00:00:00
CBL Mariner 2.0 Security Update: lldpd (CVE-2023-41910)
2023-09-28 00:00:00
Debian DLA-3578-1 : lldpd - LTS security update
2023-09-23 00:00:00
ubuntucve
ubuntucve
CVE-2023-41910
2023-09-05 00:00:00
osv
osv
lldpd - security update
2023-09-22 00:00:00
lldpd - security update
2023-09-25 00:00:00
CVE-2023-41910
2023-09-05 07:15:14
debian
debian
[SECURITY] [DLA 3578-1] lldpd security update
2023-09-22 17:10:11
[SECURITY] [DSA 5505-1] lldpd security update
2023-09-25 20:28:39
cbl_mariner
cbl_mariner
CVE-2023-41910 affecting package lldpd for versions less than 1.0.14-3
2023-09-27 18:02:50
prion
prion
Out-of-bounds
2023-09-05 07:15:00
openvas
openvas
Debian: Security Advisory (DSA-5505-1)
2023-09-27 00:00:00
Debian: Security Advisory (DLA-3578-1)
2023-09-25 00:00:00
redhatcve
redhatcve
CVE-2023-41910
2023-09-13 14:24:20
redos
redos
ROS-20240611-11
2024-06-11 00:00:00
cve
cve
CVE-2023-41910
2023-09-05 07:15:14
nvd
nvd
CVE-2023-41910
2023-09-05 07:15:14
cvelist
cvelist
CVE-2023-41910
2023-09-05 00:00:00
alpinelinux
alpinelinux
CVE-2023-41910
2023-09-05 07:15:14
ics
ics
Siemens SIMATIC and SIPLUS
2024-06-13 12:00:00
Siemens TIM 1531 IRC
2024-06-13 12:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
31.5%
Related for DEBIANCVE:CVE-2023-41910