CVE-2014-7912

Name: CVE-2014-7912
Description: The get_option function in dhcp.c in dhcpcd before 6.2.0, as used in dhcpcd 5.x in Android before 5.1 and other products, does not validate the relationship between length fields and the amount of data, which allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corruption) via a large length value of an option in a DHCPACK message.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
References: DLA-506-1
NVD severity: medium

Vulnerable and fixed packages

The table below lists information on source packages.

| Source Package | Release | Version | Status |
|---|---|---|---|
| dhcpcd5 (PTS) | stretch | 6.10.1-1 | fixed |
| | bullseye, sid, buster | 7.1.0-2 | fixed |

The information below is based on the following data on fixed versions.

| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| dhcpcd5 | source | (unstable) | 6.9.1-1 | | | |
| dhcpcd5 | source | wheezy | 5.5.6-1+deb7u2 | | DLA-506-1 | |

Notes

[jessie] - dhcpcd5 <no-dsa> (Minor issue)
https://dev.marples.name/rDHCc204b018d1cfe740fb3179532070ae10fe34aaf3