PT-2019-4118 · Roy Marples+1 · Dhcpcd+1
Timo Sigurdsson
·
Published
2019-05-05
·
Updated
2023-02-27
·
CVE-2019-11766
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
dhcpcd versions 6.11.7 and earlier, 7.x before 7.2.2
Description
The issue is related to a buffer over-read in the D6 OPTION PD EXCLUDE feature of the dhcp6.c component in the dhcpcd DHCP server. This can be exploited by a remote attacker to cause a denial of service.
Recommendations
For versions 6.11.7 and earlier, update to version 6.11.7 or later.
For versions 7.x before 7.2.2, update to version 7.2.2 or later.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Dhcpcd