RHSA-2023:2502: Red Hat Security Advisory: dhcp security and enhancement update

An update for dhcp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-2928: An integer overflow vulnerability was found in the DHCP server. When the "option_code_hash_lookup()" function is called from "add_option()", it increments the option's "refcount" field, but there is no corresponding call to "option_dereference()" to decrement it again. The "add_option()" function is only used when the server builds responses to lease query packets, and each lease query response calls it for several options. Hence, against a DHCP server configured with "allow leasequery", a remote machine with network access to the server can send lease queries for the same lease repeatedly, causing "add_option()" to be called again and again until the reference counter overflows and the server aborts or crashes.
  • CVE-2022-2929: A vulnerability was found in the DHCP server's "fqdn_universe_decode()" function, which allocates a buffer for the contents of option 81 (Client FQDN) received in a DHCP packet. The maximum length of a DNS label is 63 bytes. The function checks the length byte of each label contained in the FQDN; if it finds a label whose length byte is larger than 63, it returns early without releasing (dereferencing) the buffer it allocated, so that memory is leaked. An attacker on any network adjacent to the DHCP server could send DHCP packets crafted to include FQDN labels longer than 63 bytes, eventually causing the server to run out of memory and crash.
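The following Python decoder is an added example, not ISC DHCP or Red Hat code. It shows the option 81 (Client FQDN, RFC 4702) wire format that CVE-2022-2929 concerns and the 63-byte label check at which fqdn_universe_decode() bailed out; the option payloads it parses are constructed for illustration, not captured traffic. Python has no buffer to leak on the error path, so what it demonstrates is the format and the validation, not the fix itself.

```python
"""Decode DHCP option 81 (Client FQDN, RFC 4702) and enforce the 63-byte
DNS label limit that fqdn_universe_decode() checks.

Added example, not ISC DHCP or Red Hat code. The option bytes at the bottom
are constructed for illustration."""

MAX_LABEL = 63    # RFC 1035: a label length byte must be 0..63
MAX_NAME = 255    # RFC 1035: total name length limit

# Option 81 flag bits (RFC 4702, section 2.1). E=1 means the name is in
# DNS wire format (length-prefixed labels); E=0 is the deprecated ASCII form.
FLAG_S, FLAG_O, FLAG_E, FLAG_N = 0x01, 0x02, 0x04, 0x08


class FqdnOptionError(ValueError):
    """Raised for any option 81 payload a careful server should reject."""


def decode_fqdn_option(data: bytes) -> dict:
    """Return {'flags', 'rcode1', 'rcode2', 'name'} for a well-formed payload.

    `data` is the option value only (type and length bytes already stripped).
    Raises FqdnOptionError on malformed input."""
    if len(data) < 3:
        raise FqdnOptionError("option 81 shorter than its 3-byte header")
    flags, rcode1, rcode2, body = data[0], data[1], data[2], data[3:]
    if flags & FLAG_E:
        name = _decode_wire_labels(body)
    else:
        try:
            name = body.decode("ascii")
        except UnicodeDecodeError as exc:
            raise FqdnOptionError("non-ASCII byte in ASCII-encoded FQDN") from exc
        for label in name.split("."):
            if len(label) > MAX_LABEL:
                raise FqdnOptionError(f"label longer than {MAX_LABEL} bytes")
    if len(name) > MAX_NAME:
        raise FqdnOptionError(f"name longer than {MAX_NAME} bytes")
    return {"flags": flags, "rcode1": rcode1, "rcode2": rcode2, "name": name}


def _decode_wire_labels(body: bytes) -> str:
    """Parse DNS wire-format labels. Compression pointers (0xC0..) are not
    allowed in option 81 and fail the >63 test because their top bits are set."""
    labels, pos = [], 0
    while pos < len(body):
        length = body[pos]
        pos += 1
        if length == 0:          # root label ends the name
            break
        if length > MAX_LABEL:
            # This is the condition on which the vulnerable server returned
            # early; in CVE-2022-2929 it did so without releasing the buffer
            # it had already allocated for the decoded name.
            raise FqdnOptionError(f"label length {length} exceeds {MAX_LABEL}")
        if pos + length > len(body):
            raise FqdnOptionError("label runs past the end of the option")
        try:
            labels.append(body[pos:pos + length].decode("ascii"))
        except UnicodeDecodeError as exc:
            raise FqdnOptionError("non-ASCII byte in label") from exc
        pos += length
    return ".".join(labels)


def check_fqdn_option(data: bytes) -> str:
    """Return 'ok' or 'malformed: <reason>'; usable from a packet filter or log check."""
    try:
        decode_fqdn_option(data)
        return "ok"
    except FqdnOptionError as exc:
        return f"malformed: {exc}"


# Constructed sample payloads (not captured traffic).
WIRE_OK = bytes([FLAG_E | FLAG_S, 0, 0]) + b"\x04host\x07example\x03com\x00"
ASCII_OK = bytes([FLAG_S, 0, 0]) + b"host.example.com"
# One label whose length byte is 64: the shape of input the leak check rejects.
WIRE_BAD = bytes([FLAG_E, 0, 0]) + bytes([64]) + b"a" * 64 + b"\x00"

if __name__ == "__main__":
    for payload in (WIRE_OK, ASCII_OK, WIRE_BAD):
        print(check_fqdn_option(payload))
```

Run stand-alone it prints `ok`, `ok`, `malformed: label length 64 exceeds 63`. The same check_fqdn_option() can be fed the option 81 value pulled from a packet capture to see whether a client is sending the over-long labels the advisory describes.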
Issued: 2023-05-09

Updated: 2023-05-09

RHSA-2023:2502 - Security Advisory

Synopsis

Moderate: dhcp security and enhancement update

Type/Severity

Security Advisory: Moderate

Topic

An update for dhcp is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.

Security Fix(es):

  • dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort (CVE-2022-2928)
  • dhcp: DHCP memory leak (CVE-2022-2929)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.2 Release Notes linked from the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64

Fixes

  • BZ - 2095396 - [RFE] dhcp use systemd-sysusers
  • BZ - 2132001 - CVE-2022-2929 dhcp: DHCP memory leak
  • BZ - 2132002 - CVE-2022-2928 dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index
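Whether a host is actually covered by this advisory comes down to two checks worth scripting: is the installed dhcp-server at or above 4.4.2-18.b1.el9 (the build in the package lists that follow), and, for CVE-2022-2928 specifically, does dhcpd.conf allow leasequery at all, since the refcount overflow is only reachable when the server answers DHCPLEASEQUERY. The Python below is an added example, not Red Hat or ISC code. It reimplements rpm's version comparison in simplified form (segment-wise numeric/alpha ordering with tilde handling; the '^' separator is ignored), assumes the installed build shares the fixed package's epoch so that the string compared is what `rpm -q --qf '%{VERSION}-%{RELEASE}\n' dhcp-server` prints, and the dhcpd.conf fragment and installed version it checks are constructed samples, not from a real host.

```python
"""Check a RHEL 9 host against RHSA-2023:2502: installed package version vs
the fixed build, plus whether dhcpd.conf allows leasequery (the precondition
for CVE-2022-2928). Added example, not Red Hat or ISC code."""
import re

# Fixed version-release from the advisory's package list (epoch omitted:
# assumption that installed and fixed builds share the same epoch).
FIXED_VR = "4.4.2-18.b1.el9"

_SEGMENT = re.compile(r"\d+|[A-Za-z]+|~")


def rpmvercmp(a: str, b: str) -> int:
    """Simplified rpmvercmp(): returns -1, 0 or 1. Numeric segments compare as
    integers, alpha segments lexically, numeric beats alpha, and '~' sorts
    before anything (so 1.0~rc1 < 1.0). The '^' separator is not handled."""
    if a == b:
        return 0
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x == "~" or y == "~":
            if x != y:
                return -1 if x == "~" else 1
            continue
        xd, yd = x.isdigit(), y.isdigit()
        if xd and yd:
            if int(x) != int(y):
                return -1 if int(x) < int(y) else 1
        elif xd != yd:
            return 1 if xd else -1
        elif x != y:
            return -1 if x < y else 1
    if len(sa) == len(sb):
        return 0
    longer = sa if len(sa) > len(sb) else sb
    if longer[min(len(sa), len(sb))] == "~":   # trailing tilde makes it older
        return -1 if longer is sa else 1
    return 1 if len(sa) > len(sb) else -1      # leftover segments win


def vr_cmp(a: str, b: str) -> int:
    """Compare 'version-release' strings (as printed by
    rpm -q --qf '%{VERSION}-%{RELEASE}'): version first, then release."""
    va, ra = a.rsplit("-", 1)
    vb, rb = b.rsplit("-", 1)
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def is_patched(installed_vr: str) -> bool:
    return vr_cmp(installed_vr, FIXED_VR) >= 0


_COMMENT = re.compile(r"#.*")
_ALLOW_LQ = re.compile(r"\ballow\s+leasequery\s*;", re.IGNORECASE)


def leasequery_allowed(conf_text: str) -> bool:
    """True if any scope in dhcpd.conf contains 'allow leasequery;'.
    ISC dhcpd does not answer DHCPLEASEQUERY unless told to (dhcpd.conf
    manual), so an absent directive means the CVE-2022-2928 path is unreachable."""
    stripped = _COMMENT.sub("", conf_text)
    return bool(_ALLOW_LQ.search(stripped))


def assess(installed_vr: str, conf_text: str) -> dict:
    """Summarise one host's exposure to the two CVEs in this advisory."""
    patched = is_patched(installed_vr)
    lq = leasequery_allowed(conf_text)
    return {
        "patched": patched,
        "leasequery_allowed": lq,
        # The refcount overflow needs leasequery answered; the memory leak
        # needs only a DHCP packet carrying a crafted option 81 to reach dhcpd.
        "cve_2022_2928_exposed": (not patched) and lq,
        "cve_2022_2929_exposed": not patched,
    }


# Constructed sample inputs, not from a real host.
SAMPLE_CONF = """\
# dhcpd.conf (sample)
authoritative;
subnet 192.0.2.0 netmask 255.255.255.0 {
    range 192.0.2.100 192.0.2.200;
    allow leasequery;   # lets relay agents or accounting systems query lease state
}
"""
SAMPLE_INSTALLED = "4.4.2-17.b1.el9"   # hypothetical pre-update build

if __name__ == "__main__":
    print(assess(SAMPLE_INSTALLED, SAMPLE_CONF))
```

On a real host, feed assess() the output of `rpm -q --qf '%{VERSION}-%{RELEASE}\n' dhcp-server` and the contents of /etc/dhcp/dhcpd.conf; an unpatched server with leasequery denied is still exposed to the memory leak, which is why the package update rather than a configuration change is the remediation for both issues.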

Red Hat Enterprise Linux for x86_64 9

SRPM

dhcp-4.4.2-18.b1.el9.src.rpm

SHA-256: 45af5d5c96edd44f92981388825af75f6c07a35456ccf058ec92e30d886790f9

x86_64

dhcp-client-4.4.2-18.b1.el9.x86_64.rpm

SHA-256: 8de518a6c827a9f3956f4cc5c011f25a32e3cc4a7fd32d0ed1076e8a6f6134ec

dhcp-client-debuginfo-4.4.2-18.b1.el9.x86_64.rpm

SHA-256: 580916490c8ae21563856e144c122633e4e737129c5d0c62f02c89ae79cbf8e1

dhcp-common-4.4.2-18.b1.el9.noarch.rpm

SHA-256: b4c9231c4d2a53d531b8993df4ace4359af2a840cc654af4c3b29ba617203159

dhcp-debuginfo-4.4.2-18.b1.el9.x86_64.rpm

SHA-256: d222400c37b67f336dd21e76b10cbfc2cc85883a8a6133e3eed8f92708860be0

dhcp-debugsource-4.4.2-18.b1.el9.x86_64.rpm

SHA-256: f090a2a04e1225e1c0477bfa8d31a432bed28a04cddf6240b61757e7e65c71ef

dhcp-relay-4.4.2-18.b1.el9.x86_64.rpm

SHA-256: 4f37476375ef8d7c7a9bf91e08cb39459c255f88e87447e21e32aabb90ffcf5b

dhcp-relay-debuginfo-4.4.2-18.b1.el9.x86_64.rpm

SHA-256: 6095b5584f252c0ee00c4bbfe752f4eee242a894ae7f14898644b79ead5121d3

dhcp-server-4.4.2-18.b1.el9.x86_64.rpm

SHA-256: 0fe098174155561e23544a13712b6c60edbe1c58ace36c1309756c89fa0e29f7

dhcp-server-debuginfo-4.4.2-18.b1.el9.x86_64.rpm

SHA-256: 6c971c0b94d2b4a200a94be3024e665587c7ba36dd73b905dfd783de8ef9aa30

Red Hat Enterprise Linux for IBM z Systems 9

SRPM

dhcp-4.4.2-18.b1.el9.src.rpm

SHA-256: 45af5d5c96edd44f92981388825af75f6c07a35456ccf058ec92e30d886790f9

s390x

dhcp-client-4.4.2-18.b1.el9.s390x.rpm

SHA-256: 9a448e4840ab9798811868a1543e1eb84223c6cb2f241c3ce855394bdfebf983

dhcp-client-debuginfo-4.4.2-18.b1.el9.s390x.rpm

SHA-256: 1e896381637b22f9442c31224ae2e4e5c2def8e5e237b5ebf2288262bd5c9492

dhcp-common-4.4.2-18.b1.el9.noarch.rpm

SHA-256: b4c9231c4d2a53d531b8993df4ace4359af2a840cc654af4c3b29ba617203159

dhcp-debuginfo-4.4.2-18.b1.el9.s390x.rpm

SHA-256: 2c66bc8fa6a8d01f1b3c565369f9942b5523041bcc6015dbf3b3b7c3cf0967ce

dhcp-debugsource-4.4.2-18.b1.el9.s390x.rpm

SHA-256: adac76f9335c73f39912910d30b0688548563c25cef56a2ee4cc7e2eab653ea0

dhcp-relay-4.4.2-18.b1.el9.s390x.rpm

SHA-256: b3bf82359a7252de9de07c38bcc0405b732a6e4b75e781fb70a7b1fa2b0b867e

dhcp-relay-debuginfo-4.4.2-18.b1.el9.s390x.rpm

SHA-256: b443b18bdc5a52187e178603d4b3248521f652af6472f373b6183e25f2d58f4d

dhcp-server-4.4.2-18.b1.el9.s390x.rpm

SHA-256: 9a9946e12e5ec5083298c3540a72d09c44676196b5ab656516224d63d3c250bf

dhcp-server-debuginfo-4.4.2-18.b1.el9.s390x.rpm

SHA-256: 08b51ac0bb30e820af962424e0ea5a6d80b90be8d48b6c9fe52d436a5bd39463

Red Hat Enterprise Linux for Power, little endian 9

SRPM

dhcp-4.4.2-18.b1.el9.src.rpm

SHA-256: 45af5d5c96edd44f92981388825af75f6c07a35456ccf058ec92e30d886790f9

ppc64le

dhcp-client-4.4.2-18.b1.el9.ppc64le.rpm

SHA-256: a672fe2c41d09b2949111b47e25a3efe272214cd928301693bef391e3adb0d46

dhcp-client-debuginfo-4.4.2-18.b1.el9.ppc64le.rpm

SHA-256: 3be770e337c83a0580c6dc3ea683df73f047f785a7498261f6d29680a483650e

dhcp-common-4.4.2-18.b1.el9.noarch.rpm

SHA-256: b4c9231c4d2a53d531b8993df4ace4359af2a840cc654af4c3b29ba617203159

dhcp-debuginfo-4.4.2-18.b1.el9.ppc64le.rpm

SHA-256: 9d68546669d10896d5dac428d3e41ed4a6fb0205cc4dcdd64bd7dc4507566b43

dhcp-debugsource-4.4.2-18.b1.el9.ppc64le.rpm

SHA-256: 2a50cb174e0e41d1000779c6d61da1f2c0fce2e7c7b450d3e3a9b315b35553b8

dhcp-relay-4.4.2-18.b1.el9.ppc64le.rpm

SHA-256: ffe2df87ab4ddcd5a54040974ace16f2b9dc94157f433efaed56f19177e28cf3

dhcp-relay-debuginfo-4.4.2-18.b1.el9.ppc64le.rpm

SHA-256: 8129394aefeb30442040e9bac299dfa492863c5699ff40ce801b28b0878656f9

dhcp-server-4.4.2-18.b1.el9.ppc64le.rpm

SHA-256: 3ed8d7c56f5fa8fd2b863a6a60bad4e42ebab9f61fddfde8814f7b8d55bea543

dhcp-server-debuginfo-4.4.2-18.b1.el9.ppc64le.rpm

SHA-256: d23da8ae96f24c660c5e5256dfb6c54a72cc234b90d4a6e8fc0269869eda26d1

Red Hat Enterprise Linux for ARM 64 9

SRPM

dhcp-4.4.2-18.b1.el9.src.rpm

SHA-256: 45af5d5c96edd44f92981388825af75f6c07a35456ccf058ec92e30d886790f9

aarch64

dhcp-client-4.4.2-18.b1.el9.aarch64.rpm

SHA-256: 8f6d944776dff1dd81531caa681e41c2f599f43b9ad90101b73ac0082d1ad167

dhcp-client-debuginfo-4.4.2-18.b1.el9.aarch64.rpm

SHA-256: a2754fed313330c563157ec8ce77c8f18b2a8b9b1727f49ea34bbe067658d898

dhcp-common-4.4.2-18.b1.el9.noarch.rpm

SHA-256: b4c9231c4d2a53d531b8993df4ace4359af2a840cc654af4c3b29ba617203159

dhcp-debuginfo-4.4.2-18.b1.el9.aarch64.rpm

SHA-256: d1d3550e2fcd3e93f3520e3bcc335d4ae9e0a3c8aeef2b99c042ec51b091d931

dhcp-debugsource-4.4.2-18.b1.el9.aarch64.rpm

SHA-256: bbb69c384676706dc774bd98c2ed831df38a4247bd1781dae40edc0ed9c8aa64

dhcp-relay-4.4.2-18.b1.el9.aarch64.rpm

SHA-256: 36133ef0e4ea4b5065b85075efc7c5db5114cfda23e19edb046bacd0d85e5d55

dhcp-relay-debuginfo-4.4.2-18.b1.el9.aarch64.rpm

SHA-256: b16ff540a5cc2d14708cdcfe5f270dbef9706e2e2f8022aecba17cda97b6245b

dhcp-server-4.4.2-18.b1.el9.aarch64.rpm

SHA-256: cc9918e5b704c53cef78acf9e017ac00e6631e30fa8f8508a39776b11881d7ff

dhcp-server-debuginfo-4.4.2-18.b1.el9.aarch64.rpm

SHA-256: c1e1025ed78d64cb1733600564c18307d757815a41754a944447653a2e59101f

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Related news

RHSA-2023:3000: Red Hat Security Advisory: dhcp security and bug fix update

An update for dhcp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2928: An integer overflow vulnerability was found in the DHCP server. When the "option_code_hash_lookup()" function is called from "add_option()", it increases the option's "refcount" field. However, there is not a corresponding call to "option_dereference()" to decrement the "refcount" field. The "add_option()" function is only used in server responses to...

Red Hat Security Advisory 2023-2502-01

Red Hat Security Advisory 2023-2502-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Issues addressed include a memory leak vulnerability.

Gentoo Linux Security Advisory 202305-22

Gentoo Linux Security Advisory 202305-22 - Multiple vulnerabilities have been discovered in ISC DHCP, the worst of which could result in denial of service. Versions less than 4.4.3_p1 are affected.

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

Ubuntu Security Notice USN-5658-3

Ubuntu Security Notice 5658-3 - USN-5658-1 fixed several vulnerabilities in DHCP. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that DHCP incorrectly handled option reference counting. A remote attacker could possibly use this issue to cause DHCP servers to crash, resulting in a denial of service.

CVE-2022-2929: DHCP memory leak

In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.

CVE-2022-2928: An option refcount overflow exists in dhcpd

In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.

Ubuntu Security Notice USN-5658-1

Ubuntu Security Notice 5658-1 - It was discovered that DHCP incorrectly handled option reference counting. A remote attacker could possibly use this issue to cause DHCP servers to crash, resulting in a denial of service. It was discovered that DHCP incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause DHCP clients and servers to consume resources, leading to a denial of service.
