CVE-2026-56113: Use After Free in NetworkConfiguration dhcpcd
A heap use-after-free vulnerability exists in dhcpcd through version 10.3.2. This flaw can be triggered by an unauthenticated attacker on the same link sending a specially crafted DHCPv6 RENEW reply with specific options and lifetimes set to zero. The vulnerability allows crashing the dhcpcd daemon due to improper handling of delegated child addresses during address deprecation.
AI Analysis
Technical Summary
CVE-2026-56113 is a heap use-after-free vulnerability in the dhcpcd DHCP client daemon up to version 10.3.2. The issue arises when a DHCPv6 RENEW reply containing the RFC6603 OPTION_PD_EXCLUDE with both preferred and valid lifetimes set to zero is processed. An attacker impersonating a DHCPv6 server can cause the function dhcp6_deprecatedele() to free a delegated child address while an outer TAILQ_FOREACH_SAFE iterator in dhcp6_deprecateaddrs() still references the freed pointer. This leads to a use-after-free condition when TAILQ_REMOVE is called, resulting in a crash of the daemon. The vulnerability requires the attacker to be on the same link and does not require privileges or user interaction.
Potential Impact
Successful exploitation allows an unauthenticated attacker on the same network link to crash the dhcpcd daemon, causing a denial of service. There is no indication of code execution or information disclosure from the provided data. The CVSS 4.0 base score is 6.0 (medium severity), reflecting the potential for disruption but limited scope of impact.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. The vulnerability is fixed in commit 5733d3c, but no official patch or release version is explicitly stated in the provided data. Users should monitor the vendor's communications for an official fix and apply it once available. Until then, restricting DHCPv6 server access to trusted sources on the local network may reduce exposure.
CVE-2026-56113: Use After Free in NetworkConfiguration dhcpcd
Description
A heap use-after-free vulnerability exists in dhcpcd through version 10.3.2. This flaw can be triggered by an unauthenticated attacker on the same link sending a specially crafted DHCPv6 RENEW reply with specific options and lifetimes set to zero. The vulnerability allows crashing the dhcpcd daemon due to improper handling of delegated child addresses during address deprecation.
CVSS v4.0
Score 6.0medium
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-56113 is a heap use-after-free vulnerability in the dhcpcd DHCP client daemon up to version 10.3.2. The issue arises when a DHCPv6 RENEW reply containing the RFC6603 OPTION_PD_EXCLUDE with both preferred and valid lifetimes set to zero is processed. An attacker impersonating a DHCPv6 server can cause the function dhcp6_deprecatedele() to free a delegated child address while an outer TAILQ_FOREACH_SAFE iterator in dhcp6_deprecateaddrs() still references the freed pointer. This leads to a use-after-free condition when TAILQ_REMOVE is called, resulting in a crash of the daemon. The vulnerability requires the attacker to be on the same link and does not require privileges or user interaction.
Potential Impact
Successful exploitation allows an unauthenticated attacker on the same network link to crash the dhcpcd daemon, causing a denial of service. There is no indication of code execution or information disclosure from the provided data. The CVSS 4.0 base score is 6.0 (medium severity), reflecting the potential for disruption but limited scope of impact.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. The vulnerability is fixed in commit 5733d3c, but no official patch or release version is explicitly stated in the provided data. Users should monitor the vendor's communications for an official fix and apply it once available. Until then, restricting DHCPv6 server access to trusted sources on the local network may reduce exposure.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulnCheck
- Date Reserved
- 2026-06-18T19:15:10.650Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a3ab6daeed863c81e4f9f31
Added to database: 06/23/2026, 16:39:54 UTC
Last enriched: 06/23/2026, 16:55:10 UTC
Last updated: 06/23/2026, 16:55:10 UTC
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.