CVE-2012-2152 in Ubuntu

CVE-2012-2152

Priority

Description

Stack-based buffer overflow in the get_packet method in socket.c in dhcpcd
3.2.3 allows remote attackers to cause a denial of service (crash) and
possibly execute arbitrary code via a long packet.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2152
http://www.openwall.com/lists/oss-security/2012/05/02/4

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=671265

Notes

Package

Source: dhcpcd (LP Ubuntu Debian)

Upstream:	released (1:3.2.3-11)
Ubuntu 22.04 LTS (Jammy Jellyfish):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was not-affected [1:3.2.3-11])

Patches:

Vendor:

http://www.debian.org/security/2012/dsa-2498

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2022-02-10 23:59:45 UTC (commit acb3d89ab51f1d5e5543fa993969c0eb13c71f04)