{"id":"CVE-2018-5732","details":"Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affects ISC DHCP versions 4.1.0 -\u003e 4.1-ESV-R15, 4.2.0 -\u003e 4.2.8, 4.3.0 -\u003e 4.3.6, 4.4.0","modified":"2026-02-03T07:02:06.142607Z","published":"2019-10-09T16:15:13.407Z","related":["MGASA-2018-0410","SUSE-SU-2018:0810-1","SUSE-SU-2018:0810-2","SUSE-SU-2018:0812-1","openSUSE-SU-2024:10715-1"],"references":[{"type":"ADVISORY","url":"https://kb.isc.org/docs/aa-01565"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.isc.org/isc-projects/dhcp","events":[{"introduced":"079f747eb20d40e80c65e8a984d6c50860560b3c"},{"fixed":"8541c4fcbc6364800775234bacfe646ef16bfd38"},{"introduced":"5de62c8b34a94e66269b39c663cd222047216306"},{"fixed":"c1bd79a15e9b689e8a18538aaedec0ab8bd04b17"}]}],"versions":["v4_3_0","v4_3_1","v4_3_1b1","v4_3_1rc1","v4_3_2","v4_3_2.pre-beta","v4_3_2b1","v4_3_2rc1","v4_3_2rc2","v4_3_3","v4_3_3b1","v4_3_4","v4_3_4b1","v4_3_5","v4_3_5b1","v4_3_6b1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-5732.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}