Roy Marples · Dhcpcd · CVE-2019-11766
**Name of the Vulnerable Software and Affected Versions**
dhcpcd versions 6.11.7 and earlier, 7.x before 7.2.2
**Description**
The issue is related to a buffer over-read in the D6 OPTION PD EXCLUDE feature of the dhcp6.c component in the dhcpcd DHCP server. This can be exploited by a remote attacker to cause a denial of service.
**Recommendations**
For versions 6.11.7 and earlier, update to version 6.11.7 or later.
For versions 7.x before 7.2.2, update to version 7.2.2 or later.