The print_option function in dhcp-common.c in dhcpcd through 6.9.1 misinterprets the return value of the snprintf function, which allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted message. Patch: https://android.googlesource.com/platform/external/dhcpcd/+/73c09dd8067250734511d955d8f792b41c7213f0 Upstream release fixing the issue: http://roy.marples.name/archives/dhcpcd-discuss/2016/1244.html External references: (none)
Created dhcpcd tracking bugs for this issue: Affects: fedora-23 [bug 1334635]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.