dhcpcd: Multiple vulnerabilities — GLSA 201606-07

Multiple vulnerabilities have been found in dhcpcd allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service.

Affected packages

net-misc/dhcpcd on all architectures
Affected versions < 6.10.0
Unaffected versions >= 6.10.0

Background

A fully featured, yet lightweight, RFC 2131 compliant DHCP client.

Description

Malformed DHCP responses carrying incorrect option length values can trigger a heap overflow in the print_option() function (reached via dhcp_envoption1()). Malformed responses can also cause an invalid read, crashing the client.
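The class of bug described above, as an added example that is not dhcpcd's code and does not reproduce the actual vulnerable function: a minimal walker over the DHCP options field (the RFC 2132 TLV encoding of a one-byte code, a one-byte length and the value), written once trusting the option length byte and once checking that every option fits inside the received packet. The function names, option codes and sample packets are constructed for illustration.

```c
/*
 * Illustrative example added here; not dhcpcd code. Walks the DHCP options
 * field (RFC 2132 TLV encoding: code, length, value) with and without
 * verifying that each option's declared length fits inside the packet.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DHO_PAD 0
#define DHO_END 255

/* Constructed sample packets (the bytes that follow the magic cookie).
 * good_opts: message type (53) = 5, host name (12) = "host", END.
 * bad_opts: host name option claiming 200 value bytes in a 20-byte field. */
static const uint8_t good_opts[] = {53, 1, 5, 12, 4, 'h', 'o', 's', 't', 255};
static const uint8_t bad_opts[20] = {12, 200};

/* Unchecked variant: trusts the length byte and only checks where the
 * option header starts. Returns the offset it advances to; on a malformed
 * packet that offset lies past the end of the buffer, which is exactly the
 * out-of-bounds read or copy an unchecked parser performs. Only safe to call
 * on inputs whose headers are in bounds, such as the samples above. */
size_t walk_options_unchecked(const uint8_t *opts, size_t len)
{
    size_t off = 0;
    while (off < len) {
        uint8_t code = opts[off];
        if (code == DHO_PAD) { off++; continue; }
        if (code == DHO_END) break;
        uint8_t olen = opts[off + 1];   /* no check that off + 1 < len */
        off += 2 + olen;                /* no check that the value fits */
    }
    return off;
}

/* Checked variant: every option header and value must lie inside the
 * buffer. Returns the number of options, or -1 if any option is truncated. */
int walk_options_checked(const uint8_t *opts, size_t len)
{
    size_t off = 0;
    int count = 0;
    while (off < len) {
        uint8_t code = opts[off];
        if (code == DHO_PAD) { off++; continue; }
        if (code == DHO_END) break;
        if (off + 1 >= len) return -1;            /* length byte missing */
        uint8_t olen = opts[off + 1];
        if (olen > len - (off + 2)) return -1;    /* value overruns buffer */
        off += 2 + olen;
        count++;
    }
    return count;
}

/* Looks up one option by code. Refuses malformed packets outright so that
 * callers never receive a pointer/length pair that reaches past the buffer. */
const uint8_t *get_option(const uint8_t *opts, size_t len, uint8_t want,
                          size_t *out_len)
{
    if (walk_options_checked(opts, len) < 0) return NULL;
    size_t off = 0;
    while (off < len) {
        uint8_t code = opts[off];
        if (code == DHO_PAD) { off++; continue; }
        if (code == DHO_END) break;
        uint8_t olen = opts[off + 1];  /* safe: packet already validated */
        if (code == want) { *out_len = olen; return opts + off + 2; }
        off += 2 + olen;
    }
    return NULL;
}

int main(void)
{
    printf("well-formed: %d options\n",
           walk_options_checked(good_opts, sizeof good_opts));
    printf("malformed: checked=%d, unchecked advances to %zu of %zu bytes\n",
           walk_options_checked(bad_opts, sizeof bad_opts),
           walk_options_unchecked(bad_opts, sizeof bad_opts),
           sizeof bad_opts);
    return 0;
}
```

The point of the checked variant is the second test, `olen > len - (off + 2)`: it bounds the value by the bytes actually remaining in the packet rather than by anything the sender declared, which is the property a client must enforce before copying or formatting an option value into any heap buffer.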

Impact

Remote attackers could possibly execute arbitrary code with the privileges of the process or cause Denial of Service.

Workaround

There is no known workaround at this time.

Resolution

All dhcpcd users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-misc/dhcpcd-6.10.0"

References

Release date
June 18, 2016

Latest revision
June 18, 2016: 2

Severity
normal

Exploitable
remote

Bugzilla entries