Unrated severityNVD Advisory· Published Jun 23, 2026· Updated Jun 23, 2026

dhcpcd Heap Use-After-Free in dhcp6_deprecateaddrs via DHCPv6 RENEW

CVE-2026-56113

Description

dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTION_PD_EXCLUDE and both preferred and valid lifetimes set to zero. Attackers acting as or impersonating a DHCPv6 server can trigger dhcp6_deprecatedele() to free a delegated child address while an outer TAILQ_FOREACH_SAFE iterator in dhcp6_deprecateaddrs() still holds the freed pointer, causing a use-after-free when TAILQ_REMOVE is reached.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

NetworkConfiguration/Dhcpcdllm-fuzzy
Range: <=10.3.2

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/NetworkConfiguration/dhcpcd/commit/5733d3c59a5651f64357ac11c98b4f39895c8d25mitrepatch
www.vulncheck.com/advisories/dhcpcd-heap-use-after-free-in-dhcp6-deprecateaddrs-via-dhcpv6-renewmitrethird-party-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000