CVE-2018-15688

Summary

A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.

Affected Software

VendorProductVersion RangeStatus
systemdsystemdunspecified <= 239affected

Weaknesses

  • dhcp6_option_append_ia() contained an incorrect buffer size calculation.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References