The print_option function in dhcp-common.c in dhcpcd through 6.9.1 misinterprets the return value of the snprintf function, which allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted message.
Upstream release fixing the issue:
Created dhcpcd tracking bugs for this issue:
Affects: fedora-23 [bug 1334635]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.