Lnd · Lnd · CVE-2024-38359
**Name of the Vulnerable Software and Affected Versions**
Lightning Network Daemon (lnd) versions prior to 0.17.0
**Description**
A parsing flaw in lnd's onion processing logic can be made to allocate excessive memory, creating a denial-of-service vector.
**Recommendations**
Nodes running a version prior to 0.17.0 should update to version 0.17.0 or later to be protected.
As a temporary workaround for users unable to upgrade, consider setting the `--rejecthtlc` CLI flag and disabling forwarding on channels via the `UpdateChanPolicyCommand`, or disabling listening on a public network interface via the `--nolisten` flag, to mitigate the issue.
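To decide whether a node needs the update or the workaround above, the following added example (not part of the advisory or of the lnd project) parses the text printed by `lnd --version` / `lncli --version` and reports whether the build falls in the affected range (strictly below 0.17.0). The sample version strings are constructed; pre-release suffixes such as `-beta` are ignored, since the fix boundary is the 0.17.0 release itself.

```shell
#!/bin/sh
# Added example for CVE-2024-38359: is this lnd build older than 0.17.0?
# Input: the one-line output of `lnd --version` or `lncli --version`,
# e.g. "lnd version 0.16.4-beta commit=v0.16.4-beta" (constructed sample).

# Extract the numeric X.Y.Z core of the version, dropping any -beta/-rc suffix
# and the trailing commit field. Prints nothing if no version is found.
lnd_version_core() {
    printf '%s\n' "$1" |
        sed -n 's/.*version \([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p'
}

# Exit status 0: affected (version < 0.17.0)
#             1: not affected (version >= 0.17.0)
#             2: version string could not be parsed (treat as unknown)
lnd_affected() {
    core=$(lnd_version_core "$1")
    [ -n "$core" ] || return 2
    IFS=. read -r major minor patch <<EOF
$core
EOF
    # Collapse X.Y.Z into one integer so a single comparison suffices;
    # the fixed release 0.17.0 maps to 0*10000 + 17*100 + 0 = 1700.
    [ $((major * 10000 + minor * 100 + patch)) -lt 1700 ]
}

# Stand-alone usage: pass the version line as the first argument.
if [ -n "$1" ]; then
    if lnd_affected "$1"; then
        echo "affected: update to >= 0.17.0 or apply the workaround"
    elif [ $? -eq 2 ]; then
        echo "unknown: could not parse a version from the input"
    else
        echo "not affected"
    fi
fi
```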