The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products, misinterprets the return value of the snprintf function, which allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted message.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 02:18
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securitytracker.com/id/1033124 - | |
References | () https://android.googlesource.com/platform/external/dhcpcd/+/73c09dd8067250734511d955d8f792b41c7213f0 - |
07 Nov 2023, 02:21
Type | Values Removed | Values Added |
---|---|---|
References | () https://android.googlesource.com/platform/external/dhcpcd/+/73c09dd8067250734511d955d8f792b41c7213f0 - | |
References | () http://www.securitytracker.com/id/1033124 - |
Information
Published : 2015-07-30 00:59
Updated : 2024-11-21 02:18
NVD link : CVE-2014-7913
Mitre link : CVE-2014-7913
CVE.ORG link : CVE-2014-7913
JSON object : View
Products Affected
- android
dhcpcd_project
- dhcpcd
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer