Software Engineering Institute

According to ISC:

ISC dhclient did not strip or escape certain shell meta-characters in responses from the dhcp server (like hostname) before passing the responses on to dhclient-script. Depending on the script and OS, this can result in execution of exploit code on the client.

An unauthenticated remote attacker could cause the ISC dhclient to execute arbitrary code on the client machine.

Apply an update

Users who obtain ISC DHCP from a third-party vendor, such as their operating system vendor, should see the vendor information portion of this document for a partial list of affected vendors.

This vulnerability is addressed in ISC DHCP version 3.1-ESV-R1, 4.1-ESV-R2 and 4.2.1-P1. Users of ISC DHCP from the original source distribution should upgrade to this version or later, as appropriate.

See also https://www.isc.org/software/dhcp/advisories/cve-2011-0997

According to ISC:
On SUSE systems, it is possible to disable hostname update by setting DHCLIENT_SET_HOSTNAME="no" in /etc/sysconfig/network/dhcp.
Other systems may add following line to dhclient-script at the beginning of the set_hostname() function:

new_host_name=${new_host_name//[^-.a-zA-Z0-9]/}

In environments where filters/acls can be put into place to limit clients to accessing only legitimate dhcp servers, this will protect clients
from rogue dhcp servers deliberately trying to exploit this bug. However, this will not protect from compromised servers.