CVE-2012-2152
dhcpcd - remote stack overflow
EPSS 2.8%
Description
Stack-based buffer overflow in the get_packet method in socket.c in dhcpcd 3.2.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long packet.
How to fix CVE-2012-2152
To remediate CVE-2012-2152, upgrade the affected package to one of the fixed versions listed below.
- Debian/dhcpcd: upgrade to 1:3.2.3-11 or later
- Debian/dhcpcd: upgrade to 1:3.2.3-5+squeeze1 or later
Is CVE-2012-2152 being exploited?
Low — EPSS is 2.8%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- Debian/dhcpcd: from 0, < 1:3.2.3-11
- Debian/dhcpcd: from 0, < 1:3.2.3-5+squeeze1