dhcp-4.4.2-18.b1.el9

エラータID: AXSA:2023-5581:03

Release date: 
Monday, May 29, 2023 - 05:18
Subject: 
dhcp-4.4.2-18.b1.el9
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.

Security Fix(es):

* dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort (CVE-2022-2928)
* dhcp: DHCP memory leak (CVE-2022-2929)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-2928
In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.
CVE-2022-2929
In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. dhcp-4.4.2-18.b1.el9.src.rpm
    MD5: 2eb8d932107d292736c8b27882d8613a
    SHA-256: 3acaa7ae8c5c8411cded3013feceafa96fb5e76b828fa806701367e0d009a0cf
    Size: 9.54 MB

Asianux Server 9 for x86_64
  1. dhcp-client-4.4.2-18.b1.el9.x86_64.rpm
    MD5: b2a75e8594fb8f0e3425c1417e7f4cd0
    SHA-256: 26260a426de53fd383891365321d7108631e79dd185aaec3fe808b00ba6268bd
    Size: 788.24 kB
  2. dhcp-common-4.4.2-18.b1.el9.noarch.rpm
    MD5: 2fec6fe3d07d4b20e3947f7187c7acc0
    SHA-256: 333a23de9e9caa5ad9e1d373dc7afaf287bdd8392903ad4b03a9705e11776cbe
    Size: 128.03 kB
  3. dhcp-relay-4.4.2-18.b1.el9.x86_64.rpm
    MD5: 6233070be6d8280ad35601d80bdb0b81
    SHA-256: 8385d6490e5f29763379cbe6872637992af41dbb8cc146897c244aa67a0ccda8
    Size: 403.54 kB
  4. dhcp-server-4.4.2-18.b1.el9.x86_64.rpm
    MD5: 8b76d977205dc528f07b3eef248fd549
    SHA-256: 0832d2e64afd6fef472f4e055b88885195552fc302ece867b37ed1cba4b4ecfd
    Size: 1.22 MB