dhcp-4.1.1-63.P1.0.2.AXS4
Errata ID: AXSA:2021-2027:03
Release date:
2021/06/17 Thursday - 13:37
Title:
dhcp-4.1.1-63.P1.0.2.AXS4
Affected channels:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
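The following issues have been addressed.
[Security Fix]
- DHCP has a flaw in how it reads leases: dhclient and dhcpd may crash when they read an improper lease, a vulnerability that can cause network connectivity problems on DHCP clients. (CVE-2021-25217)
Solution:
Update the packages.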
CVE:
CVE-2021-25217
In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), the outcome of encountering the defect while reading a lease that will trigger it varies, according to:
- the component being affected (i.e., dhclient or dhcpd)
- whether the package was built as a 32-bit or 64-bit binary
- whether the compiler flag -fstack-protection-strong was used when compiling
In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process.
In dhcpd, when run in DHCPv4 or DHCPv6 mode:
- if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted.
- if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted.
Additional information:
N/A
Downloads:
SRPMS
- dhcp-4.1.1-63.P1.0.2.AXS4.src.rpm
MD5: ea2b27ed87cc641fa54abb099dbe2d5d
SHA-256: 0f4314d39eea3e6ceea0b28887ee57e67165f723c593106674cac63f27f2d874
Size: 1.26 MB
Asianux Server 4 for x86
- dhclient-4.1.1-63.P1.0.2.AXS4.i686.rpm
MD5: 39480a3b39dfaa971eec3fa15d3f4f7c
SHA-256: dad9a4aba5953adaec6ed7cdbadaf252348eb1d7e96d62c357160d8d8416b852
Size: 321.29 kB
- dhcp-4.1.1-63.P1.0.2.AXS4.i686.rpm
MD5: 5e5983ffc60fa47ddd029f87c7e98a15
SHA-256: d5dea7a723a0d4193d0a1cde9135f22257e64b7819443799b5d7d6677e5ac33e
Size: 825.60 kB
- dhcp-common-4.1.1-63.P1.0.2.AXS4.i686.rpm
MD5: 30da6a90adbd2d90765ff21ce48991fc
SHA-256: c03f9801a89c226b96e798dd35038346472f6ad71170ecee73cf0a04544c2c5b
Size: 145.04 kB
Asianux Server 4 for x86_64
- dhclient-4.1.1-63.P1.0.2.AXS4.x86_64.rpm
MD5: 2c6e35417651856f1dd16fc05366a2cf
SHA-256: fd95cf85fbeee49e812ddd95072bda517a862fd58bb567e142c6694cd5005f63
Size: 322.21 kB
- dhcp-4.1.1-63.P1.0.2.AXS4.x86_64.rpm
MD5: 2d7939065f7237b46bceb266e4b47872
SHA-256: aa1c06256c57d33bd7b2b520e172e48fcbe04500f35befb37306a7b7f5546e47
Size: 823.72 kB
- dhcp-common-4.1.1-63.P1.0.2.AXS4.x86_64.rpm
MD5: da6177f364330a1e877fd9cb6820a494
SHA-256: ff60639163a82057f375c4204625a2c74ce8f45f7708ceff94d7ca76632865e1
Size: 144.59 kB