GHSA-hm5v-wwxq-27x8MediumCVSS 6.5
A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially...
🔗 CVE IDs covered (1)
📋 Description
A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length Neighbor Discovery option can bypass validation during packet storage and later be reparsed without adequate validation, causing the parser to enter a non-advancing loop. Successful exploitation may result in excessive CPU consumption, leading to a denial of service.
🔗 References (6)
- https://nvd.nist.gov/vuln/detail/CVE-2026-14258
- https://github.com/NetworkConfiguration/dhcpcd/issues/415
- https://github.com/NetworkConfiguration/dhcpcd/commit/75289ca
- https://access.redhat.com/security/cve/CVE-2026-14258
- https://bugzilla.redhat.com/show_bug.cgi?id=2462305
- https://github.com/advisories/GHSA-hm5v-wwxq-27x8