oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE id request: dhcpcd

From: Nico Golde <oss-security+ml () ngolde de>
Date: Thu, 7 Jan 2016 12:10:37 +0100
dhcpcd recently fixed two security issues. Can you assign CVE ids to these?

http://roy.marples.name/projects/dhcpcd/info/76a1609352263bd9
can lead to a heap overflow via malformed dhcp responses later in print_option (via dhcp_envoption1) due to incorrect 
option length values. exploitation is non-trivial, but i'd love to be proven wrong.

http://roy.marples.name/projects/dhcpcd/info/595883e2a431f65d
can lead to an invalid read/crash via malformed dhcp responses. not exploitable beyond DoS as far as I can judge.

Kind regards,
Nico
Previous By Date Next
Previous By Thread Next

Current thread: