Candidate: CVE-2014-6060 PublicDate: 2014-09-04 17:55:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6060 http://roy.marples.name/projects/dhcpcd/ci/1d2b93aa5ce25a8a710082fe2d36a6bf7f5794d5?sbs=0 Description: The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHO_OPTIONSOVERLOADED option in the (1) bootfile or (2) servername section, which triggers the option to be processed again. Ubuntu-Description: It was discovered that dhcpcd incorrectly handled DHO_OPTIONSOVERLOADED option. An attaacker could possibly use this issue to cause a denial of service. Notes: mdeslaur> Affects dhcpcd 4.0.0 to 6.4.2 Bugs: Priority: medium Discovered-by: Assigned-to: CVSS: Patches_dhcpcd5: upstream_dhcpcd5: released (6.0.5-2) lucid_dhcpcd5: DNE precise_dhcpcd5: ignored (reached end-of-life) precise/esm_dhcpcd5: DNE (precise was needed) trusty_dhcpcd5: released (6.0.5-2build0.14.04.1) trusty/esm_dhcpcd5: DNE (trusty was released [6.0.5-2build0.14.04.1]) utopic_dhcpcd5: ignored (reached end-of-life) vivid_dhcpcd5: ignored (reached end-of-life) vivid/stable-phone-overlay_dhcpcd5: DNE vivid/ubuntu-core_dhcpcd5: DNE wily_dhcpcd5: not-affected (6.0.5-2) xenial_dhcpcd5: not-affected (6.0.5-2) yakkety_dhcpcd5: not-affected (6.0.5-2) zesty_dhcpcd5: not-affected (6.0.5-2) artful_dhcpcd5: not-affected (6.0.5-2) bionic_dhcpcd5: not-affected (6.0.5-2) cosmic_dhcpcd5: not-affected (6.0.5-2) devel_dhcpcd5: not-affected (6.0.5-2) Patches_dhcpcd: upstream_dhcpcd: needs-triage lucid_dhcpcd: not-affected (code not present) precise_dhcpcd: not-affected (code not present) precise/esm_dhcpcd: DNE (precise was not-affected [code not present]) trusty_dhcpcd: not-affected (code not present) trusty/esm_dhcpcd: DNE (trusty was not-affected [code not present]) utopic_dhcpcd: not-affected (code not present) vivid_dhcpcd: not-affected (code not present) vivid/stable-phone-overlay_dhcpcd: DNE vivid/ubuntu-core_dhcpcd: DNE wily_dhcpcd: DNE xenial_dhcpcd: DNE yakkety_dhcpcd: DNE zesty_dhcpcd: DNE artful_dhcpcd: DNE bionic_dhcpcd: DNE cosmic_dhcpcd: DNE devel_dhcpcd: DNE