CVE-2014-7913 — MEDIUM (6.8)

Q: How severe is CVE-2014-7913?

CVE-2014-7913 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2014-7913?

Check the references section above for vendor advisories and patch information. Affected products include: Dhcpcd Project Dhcpcd, Google Android.

Vulnerability Description

The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products, misinterprets the return value of the snprintf function, which allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted message.

CVSS Score

6.8

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Dhcpcd Project	Dhcpcd	<= 6.9.0
Google	Android	All versions

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2014-7913?

CVE-2014-7913 is a vulnerability with a CVSS score of 6.8 (MEDIUM). The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products, misinterprets the return value of the snprintf function, w...

How severe is CVE-2014-7913?

CVE-2014-7913 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-7913?

Check the references section above for vendor advisories and patch information. Affected products include: Dhcpcd Project Dhcpcd, Google Android.