AZL-28656 CVE-2023-41910 affecting package lldpd for versions less than 1.0.14-3
An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDPTLVADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdpdecode in daemon/protocols/cdp.c...