cbcvebase.
CVE-2014-7913
published 2015-07-30

CVE-2014-7913: The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products, misinterprets the…

PriorityP433medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
1.84%
76.3th percentile
The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products, misinterprets the return value of the snprintf function, which allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted message.

Affected

2 ranges
VendorProductVersion rangeFixed in
debiandhcpcd5< dhcpcd5 7.0.8-0.1 (bookworm)dhcpcd5 7.0.8-0.1 (bookworm)
dhcpcd_projectdhcpcd<= 6.9.0

CVSS provenance

nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.