ALAS2-2018-984 --- dhcpID: oval:org.secpod.oval:def:1700021 | Date: (C)2018-04-09 (M)2023-12-20 |
Class: PATCH | Family: unix |
Buffer overflow in dhclient possibly allowing code execution triggered by malicious serverAn out-of-bound memory access flaw was found in the way dhclient processed a DHCP response packet. A malicious DHCP server could potentially use this flaw to crash dhclient processes running on DHCP client machines via a crafted DHCP response packet. Reference count overflow in dhcpd allows denial of serviceA denial of service flaw was found in the way dhcpd handled reference counting when processing client requests. A malicious DHCP client could use this flaw to trigger a reference count overflow on the server side, potentially causing dhcpd to crash, by sending large amounts of traffic