CVE-2026-56117

A flaw was found in dhcpcd. A heap use-after-free vulnerability in the control socket handling allows a local unprivileged attacker to trigger memory corruption. This occurs when privilege separation is disabled, enabling the attacker to send a privileged command to the control socket. Successful...

CVE-2026-56117

dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to trigger memory corruption when privilege separation is disabled. Attackers can connect to the control socket...

EUVD-2026-38494

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

CVE-2025-70102

A flaw was found in dhcpcd. A specially crafted configuration input may cause the parseoption function to dereference a NULL pointer while processing malformed option data. This issue may result in application termination and a denial of service condition. Mitigation Red Hat is not aware of a...

EUVD-2019-3249

Malware in sbrugna...

EUVD-2019-3436

Malware in sbrugna...

EUVD-2012-6541

Malware in sbrugna...

EUVD-2016-2602

Malware in sbrugna...

EUVD-2016-2601

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-11579

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHOOPTSOVERLOADED. CVE-2019-11579 Note that Nessus relies on the presence of the package as...

Linux Distros Unpatched Vulnerability : CVE-2014-7912

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The getoption function in dhcp.c in dhcpcd before 6.2.0, as used in dhcpcd 5.x in Android before 5.1 and other products, does not validate the relationship...

Linux Distros Unpatched Vulnerability : CVE-2016-1504

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dhcpcd before 6.10.0 allows remote attackers to cause a denial of service invalid read and crash via vectors related to the option length. CVE-2016-1504 Note th...

Linux Distros Unpatched Vulnerability : CVE-2019-11578

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by performing latency attacks. CVE-2019-11578 Note that Nessus relies on the presence of the...

SUSE CVE-2014-7913

The printoption function in dhcp-common.c in dhcpcd through 6.9.1, as used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products, misinterprets the return value of the snprintf function, which allows remote DHCP servers to execute arbitrary code or cause a denial of service memory...

SUSE CVE-2016-1503

dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a malform...

SUSE CVE-2019-11766

dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the D6OPTIONPDEXCLUDE feature...

dhcpcd Buffer Overflow Vulnerability

dhcpcd is an open source DHCP server program. The program mainly provides dynamic host configuration protocol services for the network. A buffer error vulnerability exists in the dhcp6.c file in versions of dhcpcd prior to 6.11.7 and 7.x prior to 7.2.2. The vulnerability stems from a network syst...

UBUNTU-CVE-2019-11578

auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by performing latency attacks...

UBUNTU-CVE-2019-11579

dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHOOPTSOVERLOADED...

CVE-2016-1503

dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a malform...