Medium4.7Red Hat Linux Updated
Local heap use-after-free vulnerability leads to denial of service.
CVE-2026-56117 Published Jun 23, 2026Updated by vendor Jun 23, 2026
Affected products & platforms
Red Hat LinuxUnclassified
Summary
Local heap use-after-free vulnerability leads to denial of service. Red Hat rates this moderate (CVSS 4.7). Weakness: CWE-825.
Mitigation checklist
Recommended fix / mitigation
- Ensure that the `dhcpcd` service is configured to run with privilege separation enabled. If `dhcpcd` is running with privilege separation disabled (e.g., via `--disable-privsep`), re-enable it to prevent local unprivileged attackers from exploiting this vulnerability. If privilege separation cannot be enabled, restrict access to the system running `dhcpcd` or disable the `dhcpcd` service if it is not critical for network operations. If the `dhcpcd` service is reconfigured, a restart may be required for changes to take effect.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.