Candidate: CVE-2012-6700
PublicDate: 2016-04-11 15:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6700
 https://launchpadlibrarian.net/228152582/dhcp.c.patch
 https://bugs.launchpad.net/ubuntu/+source/dhcpcd/+bug/1517226
Description:
 The decode_search function in dhcp.c in dhcpcd 3.x does not properly free
 allocated memory, which allows remote DHCP servers to cause a denial of
 service via a crafted response.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by: Guido Vranken
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]

Patches_dhcpcd:
upstream_dhcpcd: not-affected
precise_dhcpcd: ignored (reached end-of-life)
precise/esm_dhcpcd: DNE (precise was needed)
trusty_dhcpcd: released (3.2.3-11+deb7u1build0.14.04.1)
trusty/esm_dhcpcd: DNE (trusty was released [3.2.3-11+deb7u1build0.14.04.1])
vivid_dhcpcd: ignored (reached end-of-life)
vivid/stable-phone-overlay_dhcpcd: DNE
vivid/ubuntu-core_dhcpcd: DNE
wily_dhcpcd: DNE
xenial_dhcpcd: DNE
yakkety_dhcpcd: DNE
zesty_dhcpcd: DNE
devel_dhcpcd: DNE