barebox Out-of-Bounds Read Vulnerability in DHCP Option Parsing

Vulnerability

An out-of-bounds read vulnerability has been identified in barebox versions prior to 2026.04.0. The issue lies in DHCP option parsing within the dhcp_message_type() function, where the parser does not validate the options pointer against the bounds of the received packet. An attacker on the same broadcast domain can send a crafted DHCP Offer or ACK packet that lacks the 0xff end-of-options marker; the parser then reads beyond the valid packet data, which can crash the system.
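The defensive fix the advisory implies is to walk the option field against the number of bytes actually received rather than trusting the 0xff end marker to stop the loop. The following is an added illustration written for this page, not barebox code: dhcp_message_type_checked() is a hypothetical bounds-checked lookup of option 53, build_dhcp_packet() and the three opts_* arrays are constructed inputs (a well-formed Offer, an option field with no end marker, and an option whose length byte runs past the packet), and the 236-byte header plus 4-byte cookie layout is the standard BOOTP/DHCP framing assumed here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Option codes from RFC 2132 used below. */
#define DHCP_OPT_PAD        0
#define DHCP_OPT_MSG_TYPE   53
#define DHCP_OPT_END        0xff

/* Assumed layout: 236-byte fixed BOOTP header, 4-byte magic cookie,
 * then the variable-length option field. */
#define DHCP_FIXED_HDR_LEN  236
#define DHCP_COOKIE_LEN     4
#define DHCP_OPTIONS_OFFSET (DHCP_FIXED_HDR_LEN + DHCP_COOKIE_LEN)

static const uint8_t dhcp_cookie[DHCP_COOKIE_LEN] = { 99, 130, 83, 99 };

/*
 * Hypothetical bounds-checked message-type lookup (not barebox's own).
 * Returns the DHCP message type (option 53) or -1 if the packet is too
 * short, the cookie is wrong, an option overruns the received bytes, or
 * option 53 is absent. `len` is the number of bytes actually received;
 * every read is checked against it, so a packet with no 0xff end marker
 * simply runs out of data instead of reading past the buffer.
 */
int dhcp_message_type_checked(const uint8_t *pkt, size_t len)
{
    size_t pos = DHCP_OPTIONS_OFFSET;

    if (len < DHCP_OPTIONS_OFFSET)
        return -1;
    if (memcmp(pkt + DHCP_FIXED_HDR_LEN, dhcp_cookie, DHCP_COOKIE_LEN) != 0)
        return -1;

    while (pos < len) {
        uint8_t code = pkt[pos++];

        if (code == DHCP_OPT_PAD)
            continue;               /* single-byte option, no length field */
        if (code == DHCP_OPT_END)
            break;                  /* normal termination */

        if (pos >= len)             /* length byte must lie inside the packet */
            return -1;
        uint8_t olen = pkt[pos++];

        if (olen > len - pos)       /* option body must fit in what was received */
            return -1;

        if (code == DHCP_OPT_MSG_TYPE)
            return olen == 1 ? pkt[pos] : -1;

        pos += olen;
    }
    return -1;                      /* end marker or end of data, no option 53 */
}

/* Build a constructed test packet: zeroed header, cookie, then `opts`.
 * Returns the packet length, or 0 if `out` cannot hold it. */
size_t build_dhcp_packet(uint8_t *out, size_t out_size,
                         const uint8_t *opts, size_t opts_len)
{
    size_t total = DHCP_OPTIONS_OFFSET + opts_len;

    if (out_size < total)
        return 0;
    memset(out, 0, DHCP_FIXED_HDR_LEN);
    memcpy(out + DHCP_FIXED_HDR_LEN, dhcp_cookie, DHCP_COOKIE_LEN);
    memcpy(out + DHCP_OPTIONS_OFFSET, opts, opts_len);
    return total;
}

/* Build `opts` into a packet and parse it; -2 signals a build failure. */
int parse_constructed(const uint8_t *opts, size_t opts_len)
{
    uint8_t pkt[DHCP_OPTIONS_OFFSET + 64];
    size_t len = build_dhcp_packet(pkt, sizeof pkt, opts, opts_len);

    return len ? dhcp_message_type_checked(pkt, len) : -2;
}

/* Constructed option fields for three cases (not real captures). */
static const uint8_t opts_offer[]   = { 53, 1, 2, 0xff };         /* DHCPOFFER, proper end */
static const uint8_t opts_no_end[]  = { 1, 4, 255, 255, 255, 0 }; /* subnet mask, no 0xff */
static const uint8_t opts_bad_len[] = { 1, 200 };                 /* length runs past the packet */

int example_offer(void)   { return parse_constructed(opts_offer,   sizeof opts_offer); }
int example_no_end(void)  { return parse_constructed(opts_no_end,  sizeof opts_no_end); }
int example_bad_len(void) { return parse_constructed(opts_bad_len, sizeof opts_bad_len); }

int main(void)
{
    printf("well-formed offer : type %d\n", example_offer());    /* 2 */
    printf("missing end marker: type %d\n", example_no_end());   /* -1 */
    printf("overlong option   : type %d\n", example_bad_len());  /* -1 */
    return 0;
}
```

The two checks that matter are the ones before each read: the length byte is only read when `pos < len`, and the option body is only accepted when `olen <= len - pos`. With those in place, the loop condition `pos < len` is the real terminator and 0xff is merely an early exit, so a packet that omits the end marker cannot push the cursor past the received data.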

Impact

Exploitation of this vulnerability can cause a system crash, because the out-of-bounds read disrupts normal operation.

Remediation

Users can upgrade to barebox version 2026.04.0 to address this vulnerability.

Added: May 11, 2026, 10:46 PM
Updated: May 11, 2026, 10:46 PM

Vulnerability Rating

Custom Algorithm

spread          0.0
impact          3.1
exploitability  4.7
remediation     7.7
relevance       8.0
threat          0.0
urgency         2.9
incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.