CVE-2014-7912

Name: CVE-2014-7912
Description: The get_option function in dhcp.c in dhcpcd before 6.2.0, as used in dhcpcd 5.x in Android before 5.1 and other products, does not validate the relationship between length fields and the amount of data, which allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corruption) via a large length value of an option in a DHCPACK message.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References: DLA-506-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package | Release          | Version          | Status
dhcpcd5 (PTS)  | buster, bullseye | 7.1.0-2          | fixed
               | bookworm         | 9.4.1-24~deb12u3 | fixed

The information below is based on the following data on fixed versions.

Package | Type   | Release    | Fixed Version  | Urgency | Origin    | Debian Bugs
dhcpcd5 | source | wheezy     | 5.5.6-1+deb7u2 |         | DLA-506-1 |
dhcpcd5 | source | (unstable) | 6.9.1-1        |         |           |

Notes

[jessie] - dhcpcd5 <no-dsa> (Minor issue)
https://dev.marples.name/rDHCc204b018d1cfe740fb3179532070ae10fe34aaf3
