FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

isc-dhcp -- Multiple vulnerabilities

Affected packages
isc-dhcp44-server < 4.4.1
isc-dhcp44-client < 4.4.1
isc-dhcp43-server <= 4.3.6
isc-dhcp43-client <= 4.3.6

Details

VuXML ID 2040c7f5-1e3a-11e8-8ae9-0050569f0b83
Discovery 2018-02-21
Entry 2018-03-02

ISC reports:

Failure to properly bounds check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section.

A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash.

References

CVE Name CVE-2018-5732
CVE Name CVE-2018-5733
URL https://kb.isc.org/article/AA-01565
URL https://kb.isc.org/article/AA-01567