dhcp-4.4.2-18.b1.el9
Errata ID: AXSA:2023-5581:03
The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.
Security Fix(es):
* dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort (CVE-2022-2928)
* dhcp: DHCP memory leak (CVE-2022-2929)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2022-2928
In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.
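A simplified C model of the reference-count imbalance described for CVE-2022-2928, added here as an illustration; it is not ISC DHCP source code, and opt_lookup(), opt_deref(), add_option_leaky() and add_option_fixed() are hypothetical names. It shows how a lookup that takes a reference without a matching release lets the counter climb on every call until it can no longer be incremented, while the balanced version leaves it unchanged.

```c
#include <limits.h>
#include <stddef.h>

/* Simplified model; all names are hypothetical, not ISC DHCP source. */
struct option { int code; int refcnt; };

/* Look up an option by code and return a counted reference in *out.
 * Returns 0 if the code is unknown or the counter cannot grow further
 * (the condition a server would treat as fatal). */
int opt_lookup(struct option *t, size_t n, int code, struct option **out)
{
    *out = NULL;
    for (size_t i = 0; i < n; i++) {
        if (t[i].code != code)
            continue;
        if (t[i].refcnt == INT_MAX)
            return 0;
        t[i].refcnt++;
        *out = &t[i];
        return 1;
    }
    return 0;
}

/* Release a counted reference and clear the caller's pointer. */
void opt_deref(struct option **ref)
{
    if (*ref != NULL) {
        (*ref)->refcnt--;
        *ref = NULL;
    }
}

/* Leaky pattern: the reference taken by the lookup is never released. */
int add_option_leaky(struct option *t, size_t n, int code)
{
    struct option *o;
    int ok = opt_lookup(t, n, code, &o);
    return ok;                      /* o still holds a counted reference */
}

/* Balanced pattern: every lookup is paired with a release. */
int add_option_fixed(struct option *t, size_t n, int code)
{
    struct option *o;
    int ok = opt_lookup(t, n, code, &o);
    opt_deref(&o);                  /* no-op when the lookup failed */
    return ok;
}
```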
CVE-2022-2929
In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.
Update packages.
N/A
SRPMS
- dhcp-4.4.2-18.b1.el9.src.rpm
MD5: 2eb8d932107d292736c8b27882d8613a
SHA-256: 3acaa7ae8c5c8411cded3013feceafa96fb5e76b828fa806701367e0d009a0cf
Size: 9.54 MB
Asianux Server 9 for x86_64
- dhcp-client-4.4.2-18.b1.el9.x86_64.rpm
MD5: b2a75e8594fb8f0e3425c1417e7f4cd0
SHA-256: 26260a426de53fd383891365321d7108631e79dd185aaec3fe808b00ba6268bd
Size: 788.24 kB
- dhcp-common-4.4.2-18.b1.el9.noarch.rpm
MD5: 2fec6fe3d07d4b20e3947f7187c7acc0
SHA-256: 333a23de9e9caa5ad9e1d373dc7afaf287bdd8392903ad4b03a9705e11776cbe
Size: 128.03 kB
- dhcp-relay-4.4.2-18.b1.el9.x86_64.rpm
MD5: 6233070be6d8280ad35601d80bdb0b81
SHA-256: 8385d6490e5f29763379cbe6872637992af41dbb8cc146897c244aa67a0ccda8
Size: 403.54 kB
- dhcp-server-4.4.2-18.b1.el9.x86_64.rpm
MD5: 8b76d977205dc528f07b3eef248fd549
SHA-256: 0832d2e64afd6fef472f4e055b88885195552fc302ece867b37ed1cba4b4ecfd
Size: 1.22 MB