CVE-2021-31884
CWE-170: IMPROPER NULL TERMINATION
The DHCP client application assumes the data supplied with the “hostname” DHCP option NULL is terminated. In cases when a global hostname variable is not defined, this may lead to out-of-bound reads, out-of-bounds writes, and denial-of-service conditions.
Risk Information
- CVE ID
- CVE-2021-31884
- Vendor
- Siemens
- Product
- Nucleus
- CVSS v3
- 8.8