Security update for busybox (important)

openSUSE security update: security update for busybox ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20883-1 Rating: important References: bsc1263989 Cross-References: CVE-2026-29004 CVSS scores: CVE-2026-29004 SUSE : 8.1...

Security update for busybox

This update for busybox fixes the following issue CVE-2026-29004: a crafted DHCPv6 response can lead to a heap buffer overflow in the DHCPv6 client bsc1263989. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE SLED15 / SLES15 Security Update : busybox (SUSE-SU-2026:2054-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2054-1 advisory. This update for busybox fixes the following issue - CVE-2026-29004: Heap buffer overflow vulnerability in the DHCPv6...

SUSE SLES15 Security Update : busybox (SUSE-SU-2026:2053-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2053-1 advisory. This update for busybox fixes the following issue - CVE-2026-29004: Heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVE...

SUSE-SU-2026:2054-1 Security update for busybox

This update for busybox fixes the following issue - CVE-2026-29004: Heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c bsc1263989...

USN-8268-1: Dnsmasq vulnerabilities

Andrew S. Fasano, Royce M, and Hugo Martinez Ray discovered that Dnsmasq did not allocate the necessary space to store domain names in some contexts. An attacker could possibly use this issue to write out-of-bounds, and could cause a denial of service or execute arbitrary code. CVE-2026-2291 Royc...

CVE-2026-29004

BusyBox prior to commit 42202bf contains a heap buffer overflow in the DHCPv6 client (udhcpc6) DNS_SERVERS option handler (networking/udhcp/d6_dhcpc.c). Attackers on the network-adjacent path can trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6_OPT_DNS_SERVERS op...

CVE-2026-29004 BusyBox DHCPv6 Client Heap Buffer Overflow via DNS_SERVERS

BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...

CVE-2026-29004 BusyBox DHCPv6 Client Heap Buffer Overflow via DNS_SERVERS

BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...

MiracleLinux 9 : edk2-20230524-4.el9_3.2.ML.1 (AXSA:2024-7573:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7573:04 advisory. edk2: Buffer overflow in the DHCPv6 client via a long Server ID option CVE-2023-45230 edk2: Buffer overflow when processing DNS Servers option in a...

CVE-2025-55086

In NetXDuo version before 6.4.4, a networking support module for Eclipse Foundation ThreadX, in the DHCPV6 client there was an unchecked index extracting the server DUID from the server reply. With a crafted packet, an attacker could cause an out of memory read...

EUVD-2020-19851

Malware in sbrugna...

EUVD-2011-2696

Malware in sbrugna...

EUVD-2024-16947

Malicious code in bioql PyPI...

EUVD-2023-49536

Malicious code in bioql PyPI...

CVE-2020-27338

An issue was discovered in Treck IPv6 before 6.0.1.68. Improper Input Validation in the DHCPv6 client component allows an unauthenticated remote attacker to cause an Out of Bounds Read, and possibly a Denial of Service via adjacent network access...

Linux Distros Unpatched Vulnerability : CVE-2023-45230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exploited by an...

Linux Distros Unpatched Vulnerability : CVE-2011-2717

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The DHCPv6 client dhcp6c as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a...

Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2024-1733)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2024-1722)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...