FreeBSD Bugzilla – Attachment 169377 Details for
Bug 208840
net/dhcpcd: Add VuXML entry for CVE-2014-7912 and CVE-2014-7913
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch to add VuXML entry for net/dhcpcd for CVE-2014-7912 and CVE-2014-7913
vuxml.diff (text/plain), 2.03 KB, created by
Ben Woods
on 2016-04-16 19:52:27 UTC
(
hide
)
Description:
Patch to add VuXML entry for net/dhcpcd for CVE-2014-7912 and CVE-2014-7913
Filename:
MIME Type:
Creator:
Ben Woods
Created:
2016-04-16 19:52:27 UTC
Size:
2.03 KB
patch
obsolete
>Index: security/vuxml/vuln.xml >=================================================================== >--- security/vuxml/vuln.xml (revision 413475) >+++ security/vuxml/vuln.xml (working copy) >@@ -58,6 +58,42 @@ > * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) > --> > <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> >+ <vuln vid="6ec9f210-0404-11e6-9aee-bc5ff4fb5ea1"> >+ <topic>dhcpcd -- multiple vulnerabilities</topic> >+ <affects> >+ <package> >+ <name>dhcpcd</name> >+ <range><lt>6.10.2</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>Jüri Aedla reports:</p> >+ <blockquote cite="https://android.googlesource.com/platform/external/dhcpcd/+/73c09dd8067250734511d955d8f792b41c7213f0"> >+ <p>[CVE-2014-7912] The get_option function in dhcp.c in dhcpcd before 6.2.0, as used >+ in dhcpcd 5.x in Android before 5.1 and other products, does not validate the >+ relationship between length fields and the amount of data, which allows remote >+ DHCP servers to execute arbitrary code or cause a denial of service (memory >+ corruption) via a large length value of an option in a DHCPACK message.</p> >+ <p>CVE-2014-7913] The print_option function in dhcp-common.c in dhcpcd through 6.9.1, >+ as used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products, >+ misinterprets the return value of the snprintf function, which allows remote >+ DHCP servers to execute arbitrary code or cause a denial of service (memory >+ corruption) via a crafted message.</p> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <cvename>CVE-2014-7912</cvename> >+ <cvename>CVE-2014-7913</cvename> >+ <url>http://roy.marples.name/projects/dhcpcd/info/528541c4c619520e</url> >+ </references> >+ <dates> >+ <discovery>2014-11-13</discovery> >+ <entry>2016-04-16</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="e21474c6-031a-11e6-aa86-001999f8d30b"> > <topic>PJSIP -- TCP denial of service in PJProject</topic> > <affects>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=169377">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 208840
: 169377