CVE-2023-50432 Information

Description

simple-dhcp-server through ec976d2 allows remote attackers to cause a denial of service (daemon crash) by sending a DHCP packet without any option fields which causes free_packet in dhcp_packet.c to dereference a NULL pointer.

Reference

https://papers.mathyvanhoef.com/esorics2024.pdf