Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a malformed DHCP response, aka internal bug 26461634.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
dhcpcd 基于堆的缓冲区溢出漏洞
Vulnerability Description
dhcpcd是一套兼容RFC2131和RFC1541的DHCP客户端守护程序,它用于自动配置IPv4网络。 Android及其他产品中使用的dhcpcd中存在基于堆的缓冲区溢出漏洞,该漏洞源于程序没有正确处理选项长度。远程攻击者可借助恶意的DHCP响应利用该漏洞在受影响应用程序上下文中执行任意代码,也可能造成拒绝服务。以下版本受到影响:Android 4.4.4之前4.x版本,5.0.2之前5.0.x版本,5.1.1之前5.1.x版本,2016-04-01之前6.x版本。
CVSS Information
N/A
Vulnerability Type
N/A