CVE-2016-2148

🗓️ 09 Feb 2017 15:00:00Reported by redhatType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 427 Views

CVE-2016-2148 Heap-based buffer overflow in DHCP client (udhcpc) in BusyBox before 1.25.0

Reporter	Title	Published	Views	Family All 71
AlpineLinux	CVE-2016-2148	9 Feb 201715:00	–	alpinelinux
Cloud Foundry	USN-3935-1: BusyBox vulnerabilities \| Cloud Foundry	12 Apr 201900:00	–	cloudfoundry
CNVD	BusyBox OPTION_6RD Parsing Heap Buffer Overflow Vulnerability	16 Mar 201600:00	–	cnvd
Cvelist	CVE-2016-2148	9 Feb 201715:00	–	cvelist
Debian	[SECURITY] [DLA 1445-1] busybox security update	27 Jul 201804:39	–	debian
Debian	[SECURITY] [DLA 2559-1] busybox security update	15 Feb 202111:56	–	debian
Debian CVE	CVE-2016-2148	9 Feb 201715:00	–	debiancve
Tenable Nessus	Debian DLA-2559-1 : busybox security update	16 Feb 202100:00	–	nessus
Tenable Nessus	F5 Networks BIG-IP : BusyBox vulnerability (K000156994)	14 Oct 202500:00	–	nessus
Tenable Nessus	GLSA-201612-04 : BusyBox: Multiple vulnerabilities	5 Dec 201600:00	–	nessus

NVD

Node

busybox busyboxRange≤1.24.2

Node

Node

Source	Link
usn	www.usn.ubuntu.com/3935-1/
openwall	www.openwall.com/lists/oss-security/2016/03/11/16
seclists	www.seclists.org/fulldisclosure/2019/Sep/7
lists	www.lists.debian.org/debian-lts-announce/2021/02/msg00020.html
security	www.security.gentoo.org/glsa/201612-04
git	www.git.busybox.net/busybox/commit/
lists	www.lists.debian.org/debian-lts-announce/2018/07/msg00037.html
seclists	www.seclists.org/fulldisclosure/2019/Jun/18
seclists	www.seclists.org/bugtraq/2019/Sep/7
seclists	www.seclists.org/fulldisclosure/2020/Aug/20

13 May 2026 00:24Current

9.6High risk

Vulners AI Score9.6

CVSS 27.5

CVSS 3.19.8

EPSS0.16482