Red Hat Bugzilla – Bug 1316556
CVE-2016-2148 busybox: heap-based buffer overflow in OPTION_6RD parsing
Last modified: 2016-03-11 04:25:24 EST
A heap-based buffer overflow was discovered in udhcpc when parsing the IPv6 Rapid Deployment DHCP option. An attacker could send a maliciously crafted packet as an answer to a DHCP request to overwrite the heap, resulting in a crash or remote code execution.

Upstream patch: https://git.busybox.net/busybox/commit/?id=352f79
Acknowledgments: Name: Nico Golde (Qualcomm Product Security Initiative)
Created busybox tracking bugs for this issue: Affects: fedora-all [bug 1316558]
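
For reference, a length-validated parser for the OPTION_6RD payload (DHCP option 212, field layout per RFC 5969). This is an added example, not busybox code and not the upstream patch; `parse_6rd`, `struct sixrd_opt`, `sample_6rd` and the `SIXRD_MAX_BR` cap are hypothetical names and values chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SIXRD_FIXED_LEN 18 /* IPv4MaskLen(1) + 6rdPrefixLen(1) + 6rdPrefix(16) */
#define SIXRD_MAX_BR 4     /* cap chosen for this example, not from RFC 5969 */

struct sixrd_opt {
    uint8_t ipv4_mask_len, prefix_len;
    uint8_t prefix[16];
    uint8_t br[SIXRD_MAX_BR][4]; /* border relay IPv4 addresses */
    size_t br_count;
};

/* Constructed sample: mask 8, prefix 2001:db8::/32, one relay 192.0.2.1. */
static const uint8_t sample_6rd[22] = {
    8, 32, 0x20, 0x01, 0x0d, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
    192, 0, 2, 1
};

/* Parse the data bytes of option 212 (code and length octets already
 * stripped). Returns 0 on success, -1 on malformed input; *out is
 * written only on success. */
int parse_6rd(const uint8_t *data, size_t len, struct sixrd_opt *out)
{
    if (!data || !out || len < SIXRD_FIXED_LEN + 4)
        return -1;                      /* need at least one relay */
    size_t br_bytes = len - SIXRD_FIXED_LEN;
    if (br_bytes % 4 != 0 || br_bytes / 4 > SIXRD_MAX_BR)
        return -1;                      /* partial or too many relays */
    if (data[0] > 32 || data[1] + (32 - data[0]) > 128)
        return -1;                      /* RFC 5969 range constraints */

    memset(out, 0, sizeof *out);
    out->ipv4_mask_len = data[0];
    out->prefix_len = data[1];
    memcpy(out->prefix, data + 2, sizeof out->prefix);
    memcpy(out->br, data + SIXRD_FIXED_LEN, br_bytes); /* <= sizeof out->br */
    out->br_count = br_bytes / 4;
    return 0;
}

int main(void)
{
    struct sixrd_opt o;
    printf("valid: %d\n", parse_6rd(sample_6rd, sizeof sample_6rd, &o));
    printf("truncated: %d\n", parse_6rd(sample_6rd, 21, &o));
    return 0;
}
```

Every copy is sized from a length that has already been checked against both the option's minimum size and the destination buffer, so a short or oversized option is rejected before any byte is written.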