CVE Catalog

CVE-2026-14258

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

16th percentile — higher than 16% of all known CVEs

Summary

A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length Neighbor Discovery option can bypass validation during packet storage and later be reparsed without adequate validation, causing the parser to enter a non-advancing loop. Successful exploitation may result in excessive CPU consumption, leading to a denial of service.

Risk Assessment

An attacker can remotely overwhelm the target system by sending a single crafted IPv6 packet, leading to CPU exhaustion and disruption of network services.

Recommendation

Immediately update dhcpcd to the latest patched version. If an update is not possible, consider temporarily disabling IPv6 Router Advertisement processing or applying firewall rules to block suspicious packets.

Original NVD description (English source)

A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length Neighbor Discovery option can bypass validation during packet storage and later be reparsed without adequate validation, causing the parser to enter a non-advancing loop. Successful exploitation may result in excessive CPU consumption, leading to a denial of service.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS