CVE-2020-37127

MEDIUM
2026-02-05 [email protected]
5.5
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
Patch Released
Mar 31, 2026 - 21:13 nvd
Patch available
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
PoC Detected
Feb 05, 2026 - 20:47 vuln.today
Public exploit code
CVE Published
Feb 05, 2026 - 17:16 nvd
MEDIUM 5.5

Tags

Buffer Overflow Denial Of Service Redhat Suse

Description

Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcp_release utility that allows attackers to cause a denial of service by supplying excessive input. Attackers can trigger a core dump and terminate the dhcp_release process by sending a crafted input string longer than 16 characters.

Analysis

Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcp_release utility that allows attackers to cause a denial of service by supplying excessive input. [CVSS 5.5 MEDIUM]

Technical Context

Classified as CWE-121 (Stack-based Buffer Overflow). Affects dhcp_release utility. Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcp_release utility that allows attackers to cause a denial of service by supplying excessive input. Attackers can trigger a core dump and terminate the dhcp_release process by sending a crafted input string longer than 16 characters.

Affected Products

Product: dhcp_release utility.

Remediation

Monitor vendor advisories for a patch. Enable ASLR, DEP/NX, and stack canaries where possible.

Priority Score

48
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +28
POC: +20

Vendor Status

Share

CVE-2020-37127 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy