Lucene search
+L

324 matches found

OSV
OSV
added 2026/06/23 4:11 p.m.3 views

CVE-2026-56116 dhcpcd Memory Leak DoS via IPv6 Router Advertisement Handling

dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send...

7.1CVSS5.9AI score0.00187EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/06/23 4:8 p.m.8 views

CVE-2026-56115

Removed by vendor...

8.8CVSS5.8AI score0.00307EPSS
Exploits1
EUVD
EUVD
added 2026/06/23 4:8 p.m.9 views

EUVD-2026-38494

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

6CVSS6.1AI score0.00307EPSS
Exploits1References2
CVE
CVE
added 2026/06/23 4:8 p.m.38 views

CVE-2026-56115

CVE-2026-56115 is associated with a one-byte stack out-of-bounds write in dhcpcd up to 10.3.2, due to a malformed DHCPv6 OPTION_PD_EXCLUDE in dhcp6_makemessage() that an unauthenticated same-link attacker can trigger via DHCPv6 ADVERTISE with IA_PD /0. An attacker can corrupt adjacent stack memor...

8.8CVSS5.9AI score0.00307EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:8 p.m.6 views

CVE-2026-56115

Bootimus through 0.1.70 contains a broken access control vulnerability that allows authenticated low-privileged users to perform administrative actions by exploiting missing role enforcement in the JWTMiddleware function in internal/auth/auth.go, which validates JWT tokens and account status but...

8.8CVSS5.9AI score0.00307EPSS
Exploits1References5
CVE
CVE
added 2026/06/23 4:8 p.m.20 views

CVE-2026-56114

CVE-2026-56114 affects dhcpcd up to 10.3.2; the issue is a one-byte stack out-of-bounds write in dhcp6_makemessage() caused by serializing an oversized RFC6603 OPTION_PD_EXCLUDE body in a crafted DHCPv6 ADVERTISE with IA_PD IAPREFIX /0. The vulnerability can allow an unauthenticated same-link att...

6.5CVSS6.1AI score0.00175EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/23 4:8 p.m.6 views

CVE-2026-56114

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

6.5CVSS6.1AI score0.00175EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/23 4:8 p.m.41 views

CVE-2026-56114 dhcpcd Stack Out-of-Bounds Write in dhcp6_makemessage()

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

6CVSS0.00175EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/23 4:8 p.m.8 views

EUVD-2026-38492

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

6CVSS6.1AI score0.00175EPSS
Exploits0References2
OSV
OSV
added 2026/06/23 4:8 p.m.3 views

CVE-2026-56114 dhcpcd Stack Out-of-Bounds Write in dhcp6_makemessage()

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

6CVSS6.1AI score0.00175EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/06/23 4:8 p.m.7 views

CVE-2026-56114

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

6.5CVSS5.9AI score0.00175EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/23 4:5 p.m.12 views

CVE-2026-56113

dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTIONPDEXCLUDE and both preferred and valid lifetimes set to zero. Attackers actin...

6.5CVSS5.9AI score0.00175EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/23 4:5 p.m.40 views

CVE-2026-56113 dhcpcd Heap Use-After-Free in dhcp6_deprecateaddrs via DHCPv6 RENEW

dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTIONPDEXCLUDE and both preferred and valid lifetimes set to zero. Attackers actin...

6CVSS0.00175EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:5 p.m.5 views

CVE-2026-56113

dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTIONPDEXCLUDE and both preferred and valid lifetimes set to zero. Attackers actin...

6CVSS5.9AI score0.00175EPSS
Exploits0References3
CVE
CVE
added 2026/06/23 4:5 p.m.20 views

CVE-2026-56113

Summary of CVE-2026-56113 : The dhcpcd project (up to version 10.3.2) contains a heap use-after-free vulnerability in the DHCPv6 path. Specifically, in dhcp6_deprecateaddrs(), when processing a crafted DHCPv6 RENEW reply (using RFC6603 OPTION_PD_EXCLUDE) with both the preferred and valid lifetime...

6.5CVSS5.9AI score0.00175EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/23 4:5 p.m.3 views

CVE-2026-56113 dhcpcd Heap Use-After-Free in dhcp6_deprecateaddrs via DHCPv6 RENEW

dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTIONPDEXCLUDE and both preferred and valid lifetimes set to zero. Attackers actin...

6CVSS6AI score0.00175EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/23 2:31 a.m.9 views

SUSE CVE-2025-70102

A NULL pointer dereference occurs in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 while parsing configuration options. In parseoption src/if-options.c:1886, the code performs a member access on a NULL pointer of type 'struct dhcpopt' when an unexpected/invalid option token or parsing state caus...

5.5CVSS5.9AI score0.00169EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.15 views

PT-2026-51564

Name of the Vulnerable Software and Affected Versions Bootimus versions 0.1.0 through 0.1.70 dhcpcd versions 1.0 through 10.3.2 Description Bootimus contains a broken access control issue where the JWTMiddleware function in internal/auth/auth.go fails to inspect the is admin flag. This allows...

8.8CVSS5.8AI score0.00307EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.19 views

PT-2026-51563

Name of the Vulnerable Software and Affected Versions dhcpcd versions prior to 10.3.2 Description A one-byte stack out-of-bounds write exists in the dhcp6 makemessage function within src/dhcp6.c. Unauthenticated attackers on the same link can trigger this by serializing an oversized RFC6603 OPTIO...

6.5CVSS5.9AI score0.00175EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.29 views

PT-2026-51566

Name of the Vulnerable Software and Affected Versions dhcpcd versions prior to 10.3.2 Description A heap use-after-free issue exists in the control socket handling within src/control.c. This occurs when privilege separation is disabled or initialization fails, leaving the control socket in mode...

5.7CVSS5.8AI score0.00093EPSS
Exploits0References4
Rows per page
Query Builder