"The DHCP client daemon, dhclient, does not properly sanatize certain
options in DHCP server replies. An attacker could send a specially
crafted DHCP server reply, that is saved on the client system and
evaluated by a process that assumes the option is trusted. This could
lead to arbitrary code execution with the privileges of the evaluating
Please reply back to this ticket if you found this security alert useful.