DSA-5251-1 isc-dhcp -- isc-dhcpID: oval:org.secpod.oval:def:610204 | Date: (C)2022-10-07 (M)2023-05-11 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in the ISC DHCP client, relay and server. CVE-2022-2928 It was discovered that the DHCP server does not correctly perform option reference counting when configured with allow leasequery;. A remote attacker can take advantage of this flaw to cause a denial of service . CVE-2022-2929 It was discovered that the DHCP server is prone to a memory leak flaw when handling contents of option 81 data received in a DHCP packet. A remote attacker can take advantage of this flaw to cause DHCP servers to consume resources, resulting in denial of service.
Product: |
isc-dhcp-server |
isc-dhcp-dev |
isc-dhcp-relay |
isc-dhcp-client |
isc-dhcp-common |