Heap Buffer Overflow Vulnerability in BusyBox's DHCPv6 Client
CVE-2026-29004

7.2HIGH

Key Information:

Vendor

Vda-linux

Status
Busybox Mirror
Vendor
CVE Published:
4 May 2026

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2026-29004?

A vulnerability in BusyBox's DHCPv6 client (udhcpc6) introduces a heap buffer overflow within the DNS_SERVERS option handler. This flaw permits network-adjacent attackers to craft malicious DHCPv6 responses containing malformed D6_OPT_DNS_SERVERS options. Exploiting this vulnerability could result in significant memory corruption, affecting the correct heap buffer allocation calculations in the option_to_env() function, potentially leading to denial of service or arbitrary code execution on embedded systems lacking robust heap protection mechanisms.

Affected Version(s)

busybox_mirror 0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2026-29004 - Proof of Concept

References

https://y637f9qq2x.com/posts/busybox-dhcpv6-heap-overflow/
technical-descriptionexploit
https://github.com/vda-linux/busybox_mirror/commit/42202b...
patch
https://github.com/vda-linux/busybox_mirror/commit/d368f3...
patch

CVSS V4

Score:
7.2
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Kazuma Matsumoto, a security researcher at GMO Cybersecurity by IERAE, Inc.
VulnCheck
.