{"id":"MGASA-2016-0190","summary":"Updated dhcpcd packages fix security vulnerability","details":"The print_option function in dhcp-common.c in dhcpcd through 6.10.2\nmisinterprets the return value of the snprintf function, which allows\nremote DHCP servers to execute arbitrary code or cause a denial of service\n(memory corruption) via a crafted message (CVE-2014-7913).\n\nThe dhcpcd package has been updated to version 6.11.0 which fixes this\nissue and has several other bug fixes and enhancements.\n","modified":"2026-01-31T23:17:33.170775Z","published":"2016-05-20T11:38:30Z","related":["CVE-2014-7913"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0190.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=18422"},{"type":"REPORT","url":"http://roy.marples.name/archives/dhcpcd-discuss/2016/1146.html"},{"type":"REPORT","url":"http://roy.marples.name/archives/dhcpcd-discuss/2016/1244.html"},{"type":"REPORT","url":"http://roy.marples.name/archives/dhcpcd-discuss/2016/1251.html"},{"type":"REPORT","url":"http://roy.marples.name/archives/dhcpcd-discuss/2016/1292.html"}],"affected":[{"package":{"name":"dhcpcd","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/dhcpcd?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.11.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0190.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}