Impact
An uninitialized pointer dereference occurs in the Roy Marples NetworkConfiguration/dhcpcd 10.3.0 source during option parsing. When an unexpected or invalid option token or parsing state causes the lookup to return NULL, the code performs a member access on a NULL pointer of type 'struct dhcp_opt', causing the daemon to abort. This results in a crash that can deny the DHCP client service. The weakness is identified as CWE‑476, indicating a classic null pointer dereference. The impact is a loss of availability; if an attacker can influence the parsing of configuration options, the crash could be triggered repeatedly, bringing down the DHCP service.
Affected Systems
The affected product is the dhcpcd DHCP client daemon, version 10.3.0. No vendor or product name is recorded in the CVE database, but the source indicates it is a network configuration tool.
Risk and Exploitability
The vulnerability has a CVSS score of 6.3, indicating moderate severity, and the EPSS score of less than 1% indicates a very low likelihood of exploitation at present. The vulnerability is not listed in the CISA KEV catalog. The attack vector is inferred to be remote, via crafted DHCP options or malicious configuration files that can be supplied over the network or through local file tampering. An attacker would need the ability to affect parsing of configuration options, which could be achieved by sending malformed options in DHCP traffic or by modifying configuration files with privileged access. The vulnerability would cause the dhcpcd service to terminate abruptly, leading to a denial of service of DHCP functionality.
OpenCVE Enrichment