A Google security researcher has discovered a critical remote command injection vulnerability in the DHCP client implementation of Red Hat Linux and its derivatives like Fedora operating system. The vulnerability resides in the NetworkManager integration script included in the. DHCP client application which allows your system to receive network configuration parameters, such as an IP address and DNS servers, from the DHCP (Dynamic Host Control Protocol) server. Users have the option to remove or disable the vulnerable script, but this will prevent certain configuration parameters provided by the. server from being. being configured on a local system.
Source: https://thehackernews.com/2018/05/linux-dhcp-hacking.html