FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- bootpd buffer overflow

Affected packages
12.0 <= FreeBSD < 12.0_1
11.2 <= FreeBSD < 11.2_7


VuXML ID fa6a4a69-03d1-11e9-be12-a4badb2f4699
Discovery 2018-12-19
Entry 2018-12-19

Problem Description:

Due to insufficient validation of network-provided data it may be possible for a malicious attacker to craft a bootp packet which could cause a stack buffer overflow.


It is possible that the buffer overflow could lead to a Denial of Service or remote code execution.


CVE Name CVE-2018-1716
FreeBSD Advisory SA-18:15.bootpd