A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length Neighbor Discovery option can bypass validation during packet storage and later be reparsed without adequate validation, causing the parser to enter a non-advancing loop. Successful exploitation may result in excessive CPU consumption, leading to a denial of service.
| Vendor | Product | Versions |
|---|---|---|
| red hat | red hat enterprise linux | — |
Updated product to 'Red Hat Enterprise Linux 10', changed severity to HIGH, and provided a more detailed description of the vulnerability.
Initial creation