CVE-2012-6698

Published: 11 April 2016

The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds write) via a crafted response.

Priority

CVSS 3 base score: 7.5

Status

Package	Release	Status
dhcpcd Launchpad, Ubuntu, Debian	precise	Does not exist (precise was needed)
	trusty	Does not exist (trusty was released [3.2.3-11+deb7u1build0.14.04.1])
	upstream	Not vulnerable
	vivid	Ignored (reached end-of-life)
	wily	Does not exist
	xenial	Does not exist
	yakkety	Does not exist
	zesty	Does not exist

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6698
https://launchpadlibrarian.net/228152582/dhcp.c.patch
https://bugs.launchpad.net/ubuntu/+source/dhcpcd/+bug/1517226
NVD
Launchpad
Debian

Bugs

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›