CVE-2026-56117
- EPSS 0.09%
- Veröffentlicht 23.06.2026 16:14:31
- Zuletzt bearbeitet 28.06.2026 00:26:58
dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to trigger memory corruption when privilege separation is disabl...
CVE-2026-56116
- EPSS 0.19%
- Veröffentlicht 23.06.2026 16:11:52
- Zuletzt bearbeitet 01.07.2026 14:16:45
dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Ad...
CVE-2026-56114
- EPSS 0.18%
- Veröffentlicht 23.06.2026 16:08:10
- Zuletzt bearbeitet 28.06.2026 00:34:21
dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6_makemessage() in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an o...
CVE-2026-56113
- EPSS 0.18%
- Veröffentlicht 23.06.2026 16:05:59
- Zuletzt bearbeitet 28.06.2026 00:33:20
dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTION_PD_EXCLUDE and both preferred...
CVE-2019-11766
- EPSS 2.1%
- Veröffentlicht 05.05.2019 06:29:00
- Zuletzt bearbeitet 21.11.2024 04:21:45
dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the D6_OPTION_PD_EXCLUDE feature.
CVE-2019-11577
- EPSS 53.1%
- Veröffentlicht 28.04.2019 16:29:00
- Zuletzt bearbeitet 21.11.2024 04:21:22
dhcpcd before 7.2.1 contains a buffer overflow in dhcp6_findna in dhcp6.c when reading NA/TA addresses.
CVE-2019-11578
- EPSS 2.03%
- Veröffentlicht 28.04.2019 16:29:00
- Zuletzt bearbeitet 21.11.2024 04:21:22
auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by performing latency attacks.
CVE-2019-11579
- EPSS 1.41%
- Veröffentlicht 28.04.2019 16:29:00
- Zuletzt bearbeitet 21.11.2024 04:21:22
dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHO_OPTSOVERLOADED.
CVE-2016-1504
- EPSS 2.9%
- Veröffentlicht 07.02.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
dhcpcd before 6.10.0 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to the option length.
- EPSS 6.34%
- Veröffentlicht 18.04.2016 00:59:15
- Zuletzt bearbeitet 06.05.2026 22:30:45
dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of s...