Lucene search
K

288 matches found

RedhatCVE
RedhatCVE
added 20 hours ago7 views

CVE-2026-56117

A flaw was found in dhcpcd. A heap use-after-free vulnerability in the control socket handling allows a local unprivileged attacker to trigger memory corruption. This occurs when privilege separation is disabled, enabling the attacker to send a privileged command to the control socket. Successful...

5.7CVSS5.8AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 20 hours ago7 views

CVE-2026-56116

A flaw was found in dhcpcd. An unauthenticated attacker on the same network link can exploit a memory leak vulnerability in the IPv6 Router Advertisement route information handling. By repeatedly sending specially crafted Router Advertisements with a zero lifetime, the attacker can cause the syst...

7.1CVSS5.8AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 20 hours ago8 views

CVE-2026-56114

A flaw was found in dhcpcd. An unauthenticated attacker on the same network link could exploit a one-byte stack out-of-bounds write vulnerability in the dhcp6makemessage function. By sending a specially crafted DHCPv6 ADVERTISE message with an oversized option, the attacker can write beyond a...

6CVSS5.8AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 20 hours ago6 views

CVE-2026-56113

A flaw was found in dhcpcd. An unauthenticated attacker on the same network link can exploit this vulnerability by sending a specially crafted DHCPv6 RENEW reply. This can lead to a Denial of Service DoS, causing the dhcpcd daemon to crash due to a heap use-after-free vulnerability...

6CVSS5.8AI score
Exploits0References5
OSV
OSV
added 22 hours ago5 views

UBUNTU-CVE-2026-56117

dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-af...

5.7CVSS5.8AI score
Exploits0References2
OSV
OSV
added 22 hours ago2 views

UBUNTU-CVE-2026-56114

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte st...

6CVSS5.8AI score
Exploits0References2
NVD
NVD
added yesterday3 views

CVE-2026-56114

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

6CVSS
Exploits0References2
NVD
NVD
added yesterday4 views

CVE-2026-56115

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

6CVSS
Exploits0References2
NVD
NVD
added yesterday3 views

CVE-2026-56113

dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTIONPDEXCLUDE and both preferred and valid lifetimes set to zero. Attackers actin...

6CVSS
Exploits0References2
NVD
NVD
added yesterday6 views

CVE-2026-56117

dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to trigger memory corruption when privilege separation is disabled. Attackers can connect to the control socket...

5.7CVSS
Exploits0References2
NVD
NVD
added yesterday6 views

CVE-2026-56116

dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send...

7.1CVSS
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-38498

dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to trigger memory corruption when privilege separation is disabled. Attackers can connect to the control socket...

5.7CVSS5.9AI score
Exploits0References2
CVE
CVE
added yesterday6 views

CVE-2026-56117

CVE-2026-56117: dhcpcd up to version 10.3.2 contains a local heap use-after-free in the control socket handling (src/control.c). The root cause is that control_recvdata() can free the client object while a subsequent READ+HANGUP event reaches control_hangup() with a stale pointer, enabling memory...

5.7CVSS5.9AI score
Exploits0References2
Cvelist
Cvelist
added yesterday33 views

CVE-2026-56117 dhcpcd Heap Use-After-Free via Control Socket Handling

dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to trigger memory corruption when privilege separation is disabled. Attackers can connect to the control socket...

5.7CVSS
Exploits0References2
CVE
CVE
added yesterday5 views

CVE-2026-56116

CVE-2026-56116 affects dhcpcd up to version 10.3.2. The vulnerability is in the IPv6 Router Advertisement route information handling, where a memory leak can be triggered by an unauthenticated, same-link attacker sending crafted Router Advertisements. Specifically, Router Advertisements containin...

7.1CVSS5.8AI score
Exploits0References2
Debian CVE
Debian CVE
added yesterday4 views

CVE-2026-56116

dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send...

7.1CVSS5.8AI score
Exploits0
CVE
CVE
added yesterday6 views

CVE-2026-56115

The CVE-2026-56115 issue affects dhcpcd up to 10.3.2. A one-byte stack out-of-bounds write exists in dhcp6_makemessage() in src/dhcp6.c, triggered by serializing an oversized RFC6603 OPTION_PD_EXCLUDE body. An unauthenticated, same-link attacker can send a crafted DHCPv6 ADVERTISE message contain...

6CVSS6.1AI score
Exploits0References2
Debian CVE
Debian CVE
added yesterday4 views

CVE-2026-56115

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

6CVSS6.1AI score
Exploits0
EUVD
EUVD
added yesterday5 views

EUVD-2026-38494

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

6CVSS6.1AI score
Exploits0References2
Debian CVE
Debian CVE
added yesterday4 views

CVE-2026-56114

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

6CVSS6.1AI score
Exploits0
Rows per page
Query Builder