FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ISC KEA -- Multiple vulnerabilities

Affected packages
kea < 1.6.0


VuXML ID 20b92374-d62a-11e9-af73-001b217e4ee5
Discovery 2019-08-28
Entry 2019-09-20

Internet Systems Consortium, Inc. reports:

A packet containing a malformed DUID can cause the kea-dhcp6 server to terminate (CVE-2019-6472) [Medium]

An invalid hostname option can cause the kea-dhcp4 server to terminate (CVE-2019-6473) [Medium]

An oversight when validating incoming client requests can lead to a situation where the Kea server
will exit when trying to restart (CVE-2019-6474) [Medium]


CVE Name CVE-2019-6472
CVE Name CVE-2019-6473
CVE Name CVE-2019-6474