Headline
RHSA-2023:3000: Red Hat Security Advisory: dhcp security and bug fix update
An update for dhcp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2928: An integer overflow vulnerability was found in the DHCP server. When the "option_code_hash_lookup()" function is called from "add_option()", it increases the option’s “refcount” field. However, there is not a corresponding call to "option_dereference()" to decrement the “refcount” field. The "add_option()" function is only used in server responses to lease query packets. Each lease query response calls this function for several options. Hence, a DHCP server configured with “allow lease query,” a remote machine with access to the server, can send lease queries for the same lease multiple times, leading to the "add_option()" function being called repeatedly. This issue could cause the reference counters to overflow and the server to abort or crash.
- CVE-2022-2929: A vulnerability was found in the DHCP server where the "fqdn_universe_decode()" function allocates buffer space for the contents of option 81 (fqdn) data received in a DHCP packet. The maximum length of a DNS “label” is 63 bytes. The function tests the length byte of each label contained in the "fqdn"; if it finds a label whose length byte value is larger than 63, it returns without dereferencing the buffer space. This issue causes a memory leak. On a system with access to a DHCP server, an attacker from any adjacent network could send DHCP packets crafted to include “fqdn” labels longer than 63 bytes to the DHCP server, eventually causing the server to run out of memory and crash.
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2023-05-16
Updated:
2023-05-16
RHSA-2023:3000 - Security Advisory
- Overview
- Updated Packages
Synopsis
Moderate: dhcp security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for dhcp is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.
Security Fix(es):
- dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort (CVE-2022-2928)
- dhcp: DHCP memory leak (CVE-2022-2929)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for ARM 64 8 aarch64
Fixes
- BZ - 2132001 - CVE-2022-2929 dhcp: DHCP memory leak
- BZ - 2132002 - CVE-2022-2928 dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort
References
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index
Red Hat Enterprise Linux for x86_64 8
SRPM
dhcp-4.3.6-49.el8.src.rpm
SHA-256: b3a12c2c0da32e759100584182ae38f6320c6a5292607daf788b56c2a0218ac3
x86_64
dhcp-client-4.3.6-49.el8.x86_64.rpm
SHA-256: 69ed9636f2e0334594a086cb9a2c5998461997c889bae7377cd5f189bba55688
dhcp-client-debuginfo-4.3.6-49.el8.i686.rpm
SHA-256: ba43137c984d593a9b476fa5fd2e5482f804e187a6182add473764fbacf8f16d
dhcp-client-debuginfo-4.3.6-49.el8.x86_64.rpm
SHA-256: 14991e3d8e0f212ca041030903a7911ab268467b938089b72641f5820ebbef5c
dhcp-common-4.3.6-49.el8.noarch.rpm
SHA-256: e82bcbed234f06155c9998a099123926a67ecbf1e82a0f5d5b507570a62113c4
dhcp-debuginfo-4.3.6-49.el8.i686.rpm
SHA-256: ccf48fb06518ba4497d0df74e09f8b604cd20e0bfa244f28e39af2e071494c82
dhcp-debuginfo-4.3.6-49.el8.x86_64.rpm
SHA-256: 38ba8acce0e95747a68c3d15a1ae5ca66e968df1ba8954be0f2668dbe21115d7
dhcp-debugsource-4.3.6-49.el8.i686.rpm
SHA-256: cdbfd1b471960fbcc400c8c81e20eb79e6c06b164ca6ed547ca188d4e0d3cdc4
dhcp-debugsource-4.3.6-49.el8.x86_64.rpm
SHA-256: 15b7074ad9770fac1d80ce8373feb3b7b366867c64332f9d1de49f0c6335d5bb
dhcp-libs-4.3.6-49.el8.i686.rpm
SHA-256: 14c2e45779c716ea92b2090315f10e88889507e2957ef6211059cc8f55db992e
dhcp-libs-4.3.6-49.el8.x86_64.rpm
SHA-256: 0c2bd6b5c90a0bb89fa37d247ec7bb4e4f72385c6bae54fb18111393b60b8a61
dhcp-libs-debuginfo-4.3.6-49.el8.i686.rpm
SHA-256: ffa13f4971028f2a47a13bf7f02451bd5a39d984746a81fd44ee8fc6a2e7c74e
dhcp-libs-debuginfo-4.3.6-49.el8.x86_64.rpm
SHA-256: 8f5336949aa2d586d649d95f9d81f75743b1451f55287ef5597ba9674db1ef19
dhcp-relay-4.3.6-49.el8.x86_64.rpm
SHA-256: b213c127487aa0f373e465a78b63abb2d13fafa8173cbc94721a3cba30a27d23
dhcp-relay-debuginfo-4.3.6-49.el8.i686.rpm
SHA-256: 623e36f3b7cf26c22a76912d546eeb10536471c0f14e42ec645f04e327ac546b
dhcp-relay-debuginfo-4.3.6-49.el8.x86_64.rpm
SHA-256: 9faeaf311ccd14d68536abb22989157760168d687bd225a263657c7a5f3d8d43
dhcp-server-4.3.6-49.el8.x86_64.rpm
SHA-256: 76c5c52bdf5c31be33f2e85c6b6868e8f04f63025bb1e537b0d5aa364f2a7411
dhcp-server-debuginfo-4.3.6-49.el8.i686.rpm
SHA-256: bcb5ccc235c6cadbe4389fe90f506cac4f78b9e6d5368889577de4b65e418c94
dhcp-server-debuginfo-4.3.6-49.el8.x86_64.rpm
SHA-256: 33a1270536f2220b4d695e7af59a43af8c78ddeae4c727776cc82c4dc1d7d852
Red Hat Enterprise Linux for IBM z Systems 8
SRPM
dhcp-4.3.6-49.el8.src.rpm
SHA-256: b3a12c2c0da32e759100584182ae38f6320c6a5292607daf788b56c2a0218ac3
s390x
dhcp-client-4.3.6-49.el8.s390x.rpm
SHA-256: a8b389ec4bf8f4ab5be60b72317861d0d050640bc6a4cdf8da818b9053e02737
dhcp-client-debuginfo-4.3.6-49.el8.s390x.rpm
SHA-256: 98e63c00a885a26809df44fd59495479ef25e4375dd38d1d9d5b9acfb1e91e89
dhcp-common-4.3.6-49.el8.noarch.rpm
SHA-256: e82bcbed234f06155c9998a099123926a67ecbf1e82a0f5d5b507570a62113c4
dhcp-debuginfo-4.3.6-49.el8.s390x.rpm
SHA-256: 2d82c25cdba4c9c6add87ab0bade0c0876d4749c778ae0be38cedd20bd8134e9
dhcp-debugsource-4.3.6-49.el8.s390x.rpm
SHA-256: 6de84cfbec7ac70809adabda9e19d3202bc0b099b15c34b7b353f44c1481b122
dhcp-libs-4.3.6-49.el8.s390x.rpm
SHA-256: 76dd018621d52f7320b94f7f8d10adcac54e9256fff18d6324ffd0b5495781d9
dhcp-libs-debuginfo-4.3.6-49.el8.s390x.rpm
SHA-256: 65eba79eb58d7f3e4156f950e020798424ff2956f8b2199f65ba105fb9547158
dhcp-relay-4.3.6-49.el8.s390x.rpm
SHA-256: 180561a754fa4d9ffd3787c261c81f44ff160918ac991f7871025361f46cbbc0
dhcp-relay-debuginfo-4.3.6-49.el8.s390x.rpm
SHA-256: 25a7042db527bbde6b2cd849d5ff75d7c3c7c843c24a85d9b82c1e186adc6240
dhcp-server-4.3.6-49.el8.s390x.rpm
SHA-256: 938d06a61a461c27c389e721a8251a12e0558a90cac908d716a65e93863b567e
dhcp-server-debuginfo-4.3.6-49.el8.s390x.rpm
SHA-256: f50fe70ecd504d2357263e6058b3f18d2b18130edd11e28f5fb45ee854a1415b
Red Hat Enterprise Linux for Power, little endian 8
SRPM
dhcp-4.3.6-49.el8.src.rpm
SHA-256: b3a12c2c0da32e759100584182ae38f6320c6a5292607daf788b56c2a0218ac3
ppc64le
dhcp-client-4.3.6-49.el8.ppc64le.rpm
SHA-256: 485ab8f4e85f2be2cc05bd35a23b159a726e16e9652d6cf731a5e001be9cfae6
dhcp-client-debuginfo-4.3.6-49.el8.ppc64le.rpm
SHA-256: 61048a11b6c055087931abc3690b142db24f6708d27cdd3eefb44c2caa7b895a
dhcp-common-4.3.6-49.el8.noarch.rpm
SHA-256: e82bcbed234f06155c9998a099123926a67ecbf1e82a0f5d5b507570a62113c4
dhcp-debuginfo-4.3.6-49.el8.ppc64le.rpm
SHA-256: eb7c6698ac63a97ed4fd43ae287a00420b545384cc937a60e106a3070d1f83bd
dhcp-debugsource-4.3.6-49.el8.ppc64le.rpm
SHA-256: 24b9ebfcff91fa774fe2fff40b6a54de0199b2dde60c16ea36657d1088e595dd
dhcp-libs-4.3.6-49.el8.ppc64le.rpm
SHA-256: e2c55e004f9e0c4b792567555cc73995d1e657b22db1c6d170b6c4ab9b183a9e
dhcp-libs-debuginfo-4.3.6-49.el8.ppc64le.rpm
SHA-256: b005b5397d37bfc16321720296e0cb3e2dd60d2504bf4b84eec9e30382545db2
dhcp-relay-4.3.6-49.el8.ppc64le.rpm
SHA-256: 53c36887a9eb04d8c5c0a764d433edee0f840afb948b5696fa256b0f5117df7a
dhcp-relay-debuginfo-4.3.6-49.el8.ppc64le.rpm
SHA-256: ac52520d1202ac7ccf3e28ce0fed67524e2e2adba54b5b31bc7c8fe472cb19e3
dhcp-server-4.3.6-49.el8.ppc64le.rpm
SHA-256: ac01ed79ea7c67c814f29b7520c4e326f36b4272dc40c7586e72938276ad0325
dhcp-server-debuginfo-4.3.6-49.el8.ppc64le.rpm
SHA-256: 3200aa192411e7f47a639427b0119bef9fb046590768d8d708cfd26003da50ce
Red Hat Enterprise Linux for ARM 64 8
SRPM
dhcp-4.3.6-49.el8.src.rpm
SHA-256: b3a12c2c0da32e759100584182ae38f6320c6a5292607daf788b56c2a0218ac3
aarch64
dhcp-client-4.3.6-49.el8.aarch64.rpm
SHA-256: 4994c73fb5ddd1b2e69c4c65ab71c15d7b73f775f346750fb0f827ea666adf7a
dhcp-client-debuginfo-4.3.6-49.el8.aarch64.rpm
SHA-256: 774427440100255b6a7f41f8439059b48a504d7d9233d623023b21a20c7e4c91
dhcp-common-4.3.6-49.el8.noarch.rpm
SHA-256: e82bcbed234f06155c9998a099123926a67ecbf1e82a0f5d5b507570a62113c4
dhcp-debuginfo-4.3.6-49.el8.aarch64.rpm
SHA-256: af88d0e9fbc4ddef1e961aa094cb892fcf10daff73850f01581bde2ec0bb4812
dhcp-debugsource-4.3.6-49.el8.aarch64.rpm
SHA-256: fe34fd52221e4286d63c3d4d9009f5536824cf5d4523b397fcb245f1d6bc4e20
dhcp-libs-4.3.6-49.el8.aarch64.rpm
SHA-256: aa91adf87bf47b026f1cbfa3542c6dd5ae4a5719bd58165019b2ba2f77fba9fb
dhcp-libs-debuginfo-4.3.6-49.el8.aarch64.rpm
SHA-256: 4609065b8b5441f5e61c375a52e11b723927b989cccddb8975cae3d17679eb00
dhcp-relay-4.3.6-49.el8.aarch64.rpm
SHA-256: aab5760d1bb7e5e2d52f7847e0bf3b65d6141cdefe9f7b4d8406aae1a717b2f8
dhcp-relay-debuginfo-4.3.6-49.el8.aarch64.rpm
SHA-256: 5d6477cf6044908afb1480bf269c62b74b665d07448e741584a7d37b7a013a21
dhcp-server-4.3.6-49.el8.aarch64.rpm
SHA-256: 0f3fca89df8466c29eddd06bd3d1995d2f645b5f2be50b0234c5493300c752f6
dhcp-server-debuginfo-4.3.6-49.el8.aarch64.rpm
SHA-256: efcab9a170d49448caf28793295a19cfc18b22661266237d00a860c82ad1136b
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Multicluster Engine for Kubernetes 2.0.9 General Availability release images, which fix security issues and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32313: A flaw was found in the vm2. After making a vm, the inspect method is read-write for console.log, which allows an attacker to edit options for console.log. This issue impacts the integrity by changing the log subsystem. * CVE-2023-32314: A flaw was found in the vm2 sandbox. When a host o...
Red Hat Security Advisory 2023-3325-01 - Multicluster Engine for Kubernetes 2.1.7 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.
Multicluster Engine for Kubernetes 2.1.7 General Availability release images, which address security issues and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32313: A flaw was found in the vm2. After making a vm, the inspect method is read-write for console.log, which allows an attacker to edit options for console.log. This issue impacts the integrity by changing the log subsystem. * CVE-2023-32314: A flaw was found in the vm2 sandbox. When a ho...
Red Hat Security Advisory 2023-3296-01 - Multicluster Engine for Kubernetes 2.2.4 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.
Multicluster Engine for Kubernetes 2.2.4 General Availability release images, which fix security issues and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32313: A flaw was found in the vm2. After making a vm, the inspect method is read-write for console.log, which allows an attacker to edit options for console.log. This issue impacts the integrity by changing the log subsystem. * CVE-2023-32314: A flaw was found in the vm2 sandbox. When a host ...
Red Hat Security Advisory 2023-2502-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Issues addressed include a memory leak vulnerability.
Red Hat Security Advisory 2023-2502-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Issues addressed include a memory leak vulnerability.
An update for dhcp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2928: An integer overflow vulnerability was found in the DHCP server. When the "option_code_hash_lookup()" function is called from "add_option()", it increases the option's "refcount" field. However, there is not a corresponding call to "option_dereference()" to decrement the "refcount" field. The "add_option()" function is only used in server responses to...
An update for dhcp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2928: An integer overflow vulnerability was found in the DHCP server. When the "option_code_hash_lookup()" function is called from "add_option()", it increases the option's "refcount" field. However, there is not a corresponding call to "option_dereference()" to decrement the "refcount" field. The "add_option()" function is only used in server responses to...
Gentoo Linux Security Advisory 202305-22 - Multiple vulnerabilities have been discovered in ISC DHCP, the worst of which could result in denial of service. Versions less than 4.4.3_p1 are affected.
Gentoo Linux Security Advisory 202305-22 - Multiple vulnerabilities have been discovered in ISC DHCP, the worst of which could result in denial of service. Versions less than 4.4.3_p1 are affected.
Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]
Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]
Ubuntu Security Notice 5658-3 - USN-5658-1 fixed several vulnerabilities in DHCP. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that DHCP incorrectly handled option reference counting. A remote attacker could possibly use this issue to cause DHCP servers to crash, resulting in a denial of service.
Ubuntu Security Notice 5658-3 - USN-5658-1 fixed several vulnerabilities in DHCP. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that DHCP incorrectly handled option reference counting. A remote attacker could possibly use this issue to cause DHCP servers to crash, resulting in a denial of service.
In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.
In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.
Ubuntu Security Notice 5658-1 - It was discovered that DHCP incorrectly handled option reference counting. A remote attacker could possibly use this issue to cause DHCP servers to crash, resulting in a denial of service. It was discovered that DHCP incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause DHCP clients and servers to consume resources, leading to a denial of service.
Ubuntu Security Notice 5658-1 - It was discovered that DHCP incorrectly handled option reference counting. A remote attacker could possibly use this issue to cause DHCP servers to crash, resulting in a denial of service. It was discovered that DHCP incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause DHCP clients and servers to consume resources, leading to a denial of service.