Denial Of Service (DoS)

2022-10-0919:16:50

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

denial of service

libdhcp.so

option_code_hash_lookup

add_option

refcount

application crash

malicious input

vulnerability

0.001 Low

EPSS

Percentile

43.7%

JSON

libdhcp.so is vulnerable to Denial Of Service (DoS). The vulnerability exists when the function option_code_hash_lookup() is called from add_option() in option.c due to the option’s refcount field which allows an attacker to crash the application via malicious input.

CPENameOperatorVersion
dhcp:edgeeq4.4.2_p1-r1
dhcp:edgeeq4.4.2-r3
dhcp:edgeeq4.4.2-r1
dhcp:edgeeq4.4.2_p1-r0
dhcp:edgeeq4.4.2-r0
libdhcp.soeq1.debug
dhcp:3.13eq4.4.2-r3
dhcp:3.13eq4.4.2_p1-r0
dhcp:3.14eq4.4.2-r3
dhcp:3.14eq4.4.2_p1-r0

Name	Operator	Version
dhcp:edge	eq	4.4.2_p1-r1
dhcp:edge	eq	4.4.2-r3
dhcp:edge	eq	4.4.2-r1
dhcp:edge	eq	4.4.2_p1-r0
dhcp:edge	eq	4.4.2-r0
libdhcp.so	eq	1.debug
dhcp:3.13	eq	4.4.2-r3
dhcp:3.13	eq	4.4.2_p1-r0
dhcp:3.14	eq	4.4.2-r3
dhcp:3.14	eq	4.4.2_p1-r0