Vulnerability CVE-2014-6060: Information
Description
The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHO_OPTIONSOVERLOADED option in the (1) bootfile or (2) servername section, which triggers the option to be processed again.
Severity: LOW (3.3)
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
dhcpcd | sisyphus | 6.4.7-alt1 | 10.0.6-alt1 | ALT-PU-2014-2234-1 | 131422 | Fixed |
dhcpcd | p10 | 6.4.7-alt1 | 10.0.6-alt1 | ALT-PU-2014-2234-1 | 131422 | Fixed |
dhcpcd | p9 | 6.4.7-alt1 | 8.1.9-alt1 | ALT-PU-2014-2234-1 | 131422 | Fixed |
dhcpcd | c10f1 | 6.4.7-alt1 | 9.4.0-alt1 | ALT-PU-2014-2234-1 | 131422 | Fixed |
dhcpcd | c9f2 | 6.4.7-alt1 | 8.1.7-alt1 | ALT-PU-2014-2234-1 | 131422 | Fixed |
dhcpcd | c7 | 5.6.8-alt2.M70C.1 | 5.6.8-alt2.M70C.1 | ALT-PU-2017-2539-1 | 192407 | Fixed |
dhcpcd | p11 | 6.4.7-alt1 | 10.0.6-alt1 | ALT-PU-2014-2234-1 | 131422 | Fixed |