CVE-2026-56117

dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to trigger memory corruption when privilege separation is disabled. Attackers can connect to the control socket...

CVE-2026-56116 dhcpcd Memory Leak DoS via IPv6 Router Advertisement Handling

dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send...

EUVD-2026-38496

dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send...

[SECURITY] Fedora 36 Update: yggdrasil-0.2.98^1.ffb580f-0.3.20220127gitffb580f.fc36

yggdrasil is a client daemon that establishes a receiving queue for instructi ons to be sent to the system via a broker...

[SECURITY] Fedora 35 Update: yggdrasil-0.2.98^1.ffb580f-0.2.20220127gitffb580f.fc35

yggdrasil is a client daemon that establishes a receiving queue for instructi ons to be sent to the system via a broker...

[SECURITY] Fedora 36 Update: yggdrasil-0.2.98^1.ffb580f-0.2.20220127gitffb580f.fc36

yggdrasil is a client daemon that establishes a receiving queue for instructi ons to be sent to the system via a broker...

UBUNTU-CVE-2019-11766

dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the D6OPTIONPDEXCLUDE feature...

DEBIAN-CVE-2019-11577

dhcpcd before 7.2.1 contains a buffer overflow in dhcp6findna in dhcp6.c when reading NA/TA addresses...

UBUNTU-CVE-2016-1503

dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a malform...

Google Android Operating System < 4.4.0 Multiple Vulnerabilities

Binary data 8664.prm...

dhclient, dhcp, libdhcp4client security update

CentOS Errata and Security Advisory CESA-2011:0428 Updated dhcp packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS...

RHEL 2.1 : dhcpcd (RHSA-2005:603)

An updated dhcpcd package that fixes a denial of service issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The dhcpcd package includes a DHCP client daemon. An out of bounds memory read bug was found in dhcpcd. A malicious...

Moderate: Red Hat Security Advisory: dhcpcd security update

An updated dhcpcd package that fixes a denial of service issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The dhcpcd package includes a DHCP client daemon. An out of bounds memory read bug was found in dhcpcd. A malicious...

CVE-2002-1403

dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell metacharacters that are fed from a dhcpd .info script into a .exe script...

CVE-2002-1403

CVE-2002-1403 affects the dhcpcd DHCP client daemon up to version 1.3.22. The vulnerability arises from how quotes in the DHCP server’s options are processed, allowing a local user to cause an arbitrary command to execute via shell metacharacters fed from a dhcpd .info script into a .exe script. ...

Mandrake Linux Security Advisory : dhcpcd (MDKSA-2003:003)

A vulnerability was discovered by Simon Kelley in the dhcpcd DHCP client daemon. dhcpcd has the ability to execute an external script named dhcpcd-.exe when an IP address is assigned to that network interface. The script sources the file /var/lib/dhcpcd/dhcpcd-.info which contains shell variables...

CVE-2002-1403

dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell metacharacters that are fed from a dhcpd .info script into a .exe script...

DSA-219 dhcpcd - remote command execution

Simon Kelly discovered a vulnerability in dhcpcd, an RFC2131 and RFC1541 compliant DHCP client daemon, that runs with root privileges on client machines. A malicious administrator of the regular or an untrusted DHCP server may execute any command with root privileges on the DHCP client machine by...