Date: Fri, 23 Jun 2017 22:53:56 +0200 From: "Jason A. Donenfeld" <Jason@...c4.com> To: dhcpcd-discuss@...ples.name, Roy Marples <roy@...ples.name> Cc: oss-security <oss-security@...ts.openwall.com> Subject: Remotely exploitable crash in dhcpcd Hi Roy, I found that by sending the same exact DHCP response to two different DHCP requests on different interfaces, I was able to segfault dhcpcd. The attached patch fixes the problem, though you might want to investigate a bit further precisely why this is necessary. Regards, Jason View attachment "dhcpcd-7.0.0-crash-fix.patch" of type "text/x-patch" (431 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.