HIGH
vda-linux
CVE published 2026-05-04
CVE-2026-29004
CVE-2026-29004 is a heap buffer overflow vulnerability in the BusyBox DHCPv6 client (udhcpc6) DNS_SERVERS option handler. The vulnerability exists in BusyBox versions before commit 42202bf. An attacker can exploit this vulnerability by sending a crafted DHCPv6 response with a malformed D6_OPT_DNS_SERVERS option, potentially leading to denial of service or arbitrary code execution on embedded systems witho [truncated]