CVE-2018-5732

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-5732
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-5732.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-5732
Downstream
Related
Published
2019-10-09T16:15:13.407Z
Modified
2026-02-03T07:02:06.142607Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affects ISC DHCP versions 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0

References

Affected packages

Git / gitlab.isc.org/isc-projects/dhcp

Affected ranges

Type
GIT
Repo
https://gitlab.isc.org/isc-projects/dhcp
Events
Introduced
079f747eb20d40e80c65e8a984d6c50860560b3c
Fixed
8541c4fcbc6364800775234bacfe646ef16bfd38
Introduced
5de62c8b34a94e66269b39c663cd222047216306
Fixed
c1bd79a15e9b689e8a18538aaedec0ab8bd04b17

Affected versions

Other
v4_3_0
v4_3_1
v4_3_1b1
v4_3_1rc1
v4_3_2
v4_3_2b1
v4_3_2rc1
v4_3_2rc2
v4_3_3
v4_3_3b1
v4_3_4
v4_3_4b1
v4_3_5
v4_3_5b1
v4_3_6b1
v4_3_2.*
v4_3_2.pre-beta

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-5732.json"