Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-0324: Dhcp6relay Buffer Overflow Vulnerability

There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp relay docker to shutdown. Discovered by Eugene Lim of GovTech Singapore.

CVE
Open in Source
#vulnerability#git#buffer_overflow#docker

Impact

There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp relay docker to shutdown.

Patches

The fix is included in latest versions with PR [dhcp_relay] Check payload size to prevent buffer overflow in dhcpv6 option by kellyyeh · Pull Request #9740 · Azure/sonic-buildimage (github.com).

Workarounds

To fix the issue without upgrading image, replace dhcp6relay with a more recent version that contains the code fix.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE