Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 23 Jun 2017 22:53:56 +0200
From: "Jason A. Donenfeld" <>
To:, Roy Marples <>
Cc: oss-security <>
Subject: Remotely exploitable crash in dhcpcd

Hi Roy,

I found that by sending the same exact DHCP response to two different
DHCP requests on different interfaces, I was able to segfault dhcpcd.
The attached patch fixes the problem, though you might want to
investigate a bit further precisely why this is necessary.


View attachment "dhcpcd-7.0.0-crash-fix.patch" of type "text/x-patch" (431 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.