{"id":"ALPINE-CVE-2016-2147","details":"Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write.","modified":"2026-03-09T00:56:24.373937Z","published":"2017-02-09T15:59:00.893Z","upstream":["CVE-2016-2147"],"references":[{"type":"ADVISORY","url":"https://security.alpinelinux.org/vuln/CVE-2016-2147"}],"affected":[{"package":{"name":"busybox","ecosystem":"Alpine:v3.4","purl":"pkg:apk/alpine/busybox?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.24.2-r0"}]}],"versions":["1.12.1-r1","1.12.1-r5","1.12.1-r6","1.13.0-r0","1.13.0-r1","1.13.0-r2","1.13.1-r0","1.13.2-r0","1.13.2-r1","1.13.2-r2","1.13.2-r3","1.13.2-r4","1.13.2-r5","1.13.3-r1","1.13.3-r2","1.13.3-r3","1.13.3-r4","1.13.3-r5","1.13.4-r0","1.13.4-r1","1.13.4-r2","1.14.1-r0","1.14.1-r1","1.14.1-r2","1.14.2-r0","1.14.2-r1","1.14.2-r2","1.14.3-r0","1.14.3-r1","1.14.3-r2","1.14.3-r3","1.14.3-r4","1.14.3-r5","1.14.3-r6","1.14.3-r7","1.14.4-r0","1.15.2-r0","1.15.2-r1","1.15.3-r0","1.15.3-r1","1.16.0-r0","1.16.0-r1","1.16.0-r2","1.16.0-r3","1.16.0-r4","1.16.0-r5","1.16.0-r6","1.16.0-r7","1.16.1-r0","1.16.1-r1","1.16.1-r2","1.16.1-r3","1.16.1-r4","1.16.2-r0","1.16.2-r1","1.16.2-r2","1.17.0-r0","1.17.0-r1","1.17.0-r2","1.17.0-r3","1.17.0-r4","1.17.1-r0","1.17.1-r1","1.17.1-r2","1.17.1-r3","1.17.1-r4","1.17.2-r0","1.17.3-r0","1.17.3-r1","1.17.3-r2","1.17.3-r3","1.17.4-r0","1.17.4-r1","1.17.4-r2","1.18.2-r0","1.18.2-r1","1.18.2-r2","1.18.3-r0","1.18.3-r1","1.18.3-r2","1.18.3-r3","1.18.3-r4","1.18.4-r0","1.18.4-r1","1.18.4-r2","1.18.4-r3","1.18.4-r4","1.18.5-r0","1.18.5-r1","1.19.0-r0","1.19.2-r0","1.19.2-r1","1.19.2-r2","1.19.2-r3","1.19.3-r0","1.19.3-r1","1.19.3-r2","1.19.3-r3","1.19.3-r4","1.19.3-r5","1.19.3-r6","1.19.3-r7","1.19.3-r8","1.19.4-r0","1.19.4-r1","1.19.4-r2","1.19.4-r3","1.19.4-r4","1.20.0-r4","1.20.0-r5","1.20.0-r6","1.20.1-r0","1.20.1-r1","1.20.2-r0","1.20.2-r1","1.20.2-r2","1.20.2-r3","1.20.2-r4","1.20.2-r5","1.21.0-r0","1.21.1-r0","1.21.1-r1","1.21.1-r2","1.21.1-r3","1.22.0-r3","1.22.1-r0","1.22.1-r1","1.22.1-r10","1.22.1-r11","1.22.1-r12","1.22.1-r13","1.22.1-r14","1.22.1-r2","1.22.1-r3","1.22.1-r4","1.22.1-r5","1.22.1-r6","1.22.1-r7","1.22.1-r8","1.22.1-r9","1.23.0-r0","1.23.0-r1","1.23.0-r2","1.23.0-r3","1.23.0-r4","1.23.1-r0","1.23.2-r0","1.23.2-r1","1.23.2-r10","1.23.2-r2","1.23.2-r3","1.23.2-r4","1.23.2-r5","1.23.2-r6","1.23.2-r7","1.23.2-r8","1.23.2-r9","1.24.1-r0","1.24.1-r1","1.24.1-r2","1.24.1-r3","1.24.1-r4","1.24.1-r5","1.24.1-r6","1.24.1-r7","1.24.1-r8","1.24.1-r9"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/alpine/ALPINE-CVE-2016-2147.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}