RHSA-2022:8385: Red Hat Security Advisory: dhcp security and enhancement update

An update for dhcp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2021-25220: bind: DNS forwarders - cache poisoning vulnerability
Red Hat Security Data

Issued: 2022-11-15

Updated: 2022-11-15

RHSA-2022:8385 - Security Advisory

Synopsis

Moderate: dhcp security and enhancement update

Type/Severity

Security Advisory: Moderate

Topic

An update for dhcp is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.

Security Fix(es):

  • bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64

Fixes

  • BZ - 2064512 - CVE-2021-25220 bind: DNS forwarders - cache poisoning vulnerability

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

Red Hat Enterprise Linux for x86_64 9

SRPM

  • dhcp-4.4.2-17.b1.el9.src.rpm

x86_64

  • dhcp-client-4.4.2-17.b1.el9.x86_64.rpm
  • dhcp-client-debuginfo-4.4.2-17.b1.el9.x86_64.rpm
  • dhcp-common-4.4.2-17.b1.el9.noarch.rpm
  • dhcp-debuginfo-4.4.2-17.b1.el9.x86_64.rpm
  • dhcp-debugsource-4.4.2-17.b1.el9.x86_64.rpm
  • dhcp-relay-4.4.2-17.b1.el9.x86_64.rpm
  • dhcp-relay-debuginfo-4.4.2-17.b1.el9.x86_64.rpm
  • dhcp-server-4.4.2-17.b1.el9.x86_64.rpm
  • dhcp-server-debuginfo-4.4.2-17.b1.el9.x86_64.rpm

Red Hat Enterprise Linux for IBM z Systems 9

SRPM

  • dhcp-4.4.2-17.b1.el9.src.rpm

s390x

  • dhcp-client-4.4.2-17.b1.el9.s390x.rpm
  • dhcp-client-debuginfo-4.4.2-17.b1.el9.s390x.rpm
  • dhcp-common-4.4.2-17.b1.el9.noarch.rpm
  • dhcp-debuginfo-4.4.2-17.b1.el9.s390x.rpm
  • dhcp-debugsource-4.4.2-17.b1.el9.s390x.rpm
  • dhcp-relay-4.4.2-17.b1.el9.s390x.rpm
  • dhcp-relay-debuginfo-4.4.2-17.b1.el9.s390x.rpm
  • dhcp-server-4.4.2-17.b1.el9.s390x.rpm
  • dhcp-server-debuginfo-4.4.2-17.b1.el9.s390x.rpm

Red Hat Enterprise Linux for Power, little endian 9

SRPM

  • dhcp-4.4.2-17.b1.el9.src.rpm

ppc64le

  • dhcp-client-4.4.2-17.b1.el9.ppc64le.rpm
  • dhcp-client-debuginfo-4.4.2-17.b1.el9.ppc64le.rpm
  • dhcp-common-4.4.2-17.b1.el9.noarch.rpm
  • dhcp-debuginfo-4.4.2-17.b1.el9.ppc64le.rpm
  • dhcp-debugsource-4.4.2-17.b1.el9.ppc64le.rpm
  • dhcp-relay-4.4.2-17.b1.el9.ppc64le.rpm
  • dhcp-relay-debuginfo-4.4.2-17.b1.el9.ppc64le.rpm
  • dhcp-server-4.4.2-17.b1.el9.ppc64le.rpm
  • dhcp-server-debuginfo-4.4.2-17.b1.el9.ppc64le.rpm

Red Hat Enterprise Linux for ARM 64 9

SRPM

  • dhcp-4.4.2-17.b1.el9.src.rpm

aarch64

  • dhcp-client-4.4.2-17.b1.el9.aarch64.rpm
  • dhcp-client-debuginfo-4.4.2-17.b1.el9.aarch64.rpm
  • dhcp-common-4.4.2-17.b1.el9.noarch.rpm
  • dhcp-debuginfo-4.4.2-17.b1.el9.aarch64.rpm
  • dhcp-debugsource-4.4.2-17.b1.el9.aarch64.rpm
  • dhcp-relay-4.4.2-17.b1.el9.aarch64.rpm
  • dhcp-relay-debuginfo-4.4.2-17.b1.el9.aarch64.rpm
  • dhcp-server-4.4.2-17.b1.el9.aarch64.rpm
  • dhcp-server-debuginfo-4.4.2-17.b1.el9.aarch64.rpm

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

CVE-2023-43074: DSA-2023-141: Dell Unity, Unity VSA and Unity XT Security Update for Multiple Vulnerability

Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by crafting arbitrary files through a request to the server.

CVE-2023-22062: Oracle Critical Patch Update Advisory - July 2023

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

Red Hat Security Advisory 2023-0402-01

Red Hat Security Advisory 2023-0402-01 - An update for bind is now available for Red Hat Enterprise Linux 7.

RHSA-2023:0402: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2021-25220: bind: DNS forwarders - cache poisoning vulnerability
  • CVE-2022-2795: bind: processing large delegations may severely degrade resolver performance

Red Hat Security Advisory 2022-8068-01

Red Hat Security Advisory 2022-8068-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-8385-01

Red Hat Security Advisory 2022-8385-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.

RHSA-2022:8068: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2021-25220: bind: DNS forwarders - cache poisoning vulnerability
  • CVE-2022-0396: bind: DoS from specifically crafted TCP packets

Red Hat Security Advisory 2022-7643-01

Red Hat Security Advisory 2022-7643-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include denial of service and memory leak vulnerabilities.

RHSA-2022:7643: Red Hat Security Advisory: bind9.16 security update

An update for bind9.16 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2021-25220: bind: DNS forwarders - cache poisoning vulnerability
  • CVE-2022-0396: bind: DoS from specifically crafted TCP packets

RHSA-2022:7790: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2021-25220: bind: DNS forwarders - cache poisoning vulnerability

CVE-2021-25220: DNS forwarders - cache poisoning vulnerability

BIND 9.11.0 -> 9.11.36, 9.12.0 -> 9.16.26, 9.17.0 -> 9.18.0. BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1, 9.16.8-S1 -> 9.16.26-S1. Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.