Dhcpcd Project

Dhcpcd

16 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.09%
  • Veröffentlicht 23.06.2026 16:14:31
  • Zuletzt bearbeitet 28.06.2026 00:26:58

dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to trigger memory corruption when privilege separation is disabl...

  • EPSS 0.19%
  • Veröffentlicht 23.06.2026 16:11:52
  • Zuletzt bearbeitet 01.07.2026 14:16:45

dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Ad...

  • EPSS 0.18%
  • Veröffentlicht 23.06.2026 16:08:10
  • Zuletzt bearbeitet 28.06.2026 00:34:21

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6_makemessage() in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an o...

  • EPSS 0.18%
  • Veröffentlicht 23.06.2026 16:05:59
  • Zuletzt bearbeitet 28.06.2026 00:33:20

dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTION_PD_EXCLUDE and both preferred...

  • EPSS 2.1%
  • Veröffentlicht 05.05.2019 06:29:00
  • Zuletzt bearbeitet 21.11.2024 04:21:45

dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the D6_OPTION_PD_EXCLUDE feature.

  • EPSS 53.1%
  • Veröffentlicht 28.04.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:21:22

dhcpcd before 7.2.1 contains a buffer overflow in dhcp6_findna in dhcp6.c when reading NA/TA addresses.

  • EPSS 2.03%
  • Veröffentlicht 28.04.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:21:22

auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by performing latency attacks.

  • EPSS 1.41%
  • Veröffentlicht 28.04.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:21:22

dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHO_OPTSOVERLOADED.

  • EPSS 2.9%
  • Veröffentlicht 07.02.2017 15:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

dhcpcd before 6.10.0 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to the option length.

  • EPSS 6.34%
  • Veröffentlicht 18.04.2016 00:59:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of s...