Unrated severityNVD Advisory· Published Sep 5, 2023· Updated Sep 30, 2024
CVE-2023-41910
CVE-2023-41910
Description
An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdp_decode in daemon/protocols/cdp.c.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- lldpd/lldpddescription
- osv-coords2 versions
< 1.0.18-4.el9+ 1 more
- (no CPE)range: < 1.0.18-4.el9
- (no CPE)range: < 1.0.18-4.el9
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.