{"id":"UBUNTU-CVE-2012-2152","details":"Stack-based buffer overflow in the get_packet method in socket.c in dhcpcd 3.2.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long packet.","modified":"2025-07-16T08:10:33.738633Z","published":"2012-07-25T21:55:00Z","withdrawn":"2025-07-18T16:42:46Z","upstream":["CVE-2012-2152"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2012-2152"},{"type":"REPORT","url":"http://www.openwall.com/lists/oss-security/2012/05/02/4"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2012-2152"}],"affected":[{"package":{"name":"dhcpcd","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/dhcpcd@1:3.2.3-11?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.2.3-11"}]}],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"dhcpcd","binary_version":"1:3.2.3-11"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2012/UBUNTU-CVE-2012-2152.json"}}],"schema_version":"1.7.3","severity":[{"type":"Ubuntu","score":"medium"}]}