Ubuntu
dhcpcd package

  1. Bug #1517226
  2. Comment #6

Comment 6 for bug 1517226

Revision history for this message
Seth Arnold (seth-arnold) wrote :

MITRE assigned CVEs: http://www.openwall.com/lists/oss-security/2015/12/03/1

Quoting MITRE:

Use CVE-2012-6698 for the vulnerability in which the possibility of
"out == start" wasn't considered, leading to an out-of-bounds write.

Use CVE-2012-6699 for this loop error that results in an out-of-bounds read.

Use CVE-2012-6700 for the presence of the free call in an incorrect place.