Lucene search

IBMB8AAF260FC4EFB2380AB7579E65BBF11EE7BD7BFD726C8F84474320C3209358F

HistoryDec 02, 2022 - 2:12 p.m.

Security Bulletin: ISC DHCP server for IBM i is vulnerable to a denial of service attack due to a memory leak and refererence count overflow (CVE-2022-2928, CVE-2022-2929)

2022-12-0214:12:59

www.ibm.com

ibm i

isc dhcp server

denial of service

memory leak

reference count overflow

cve-2022-2928

cve-2022-2929

vulnerability

fix

ptf

ibm support

upgrade

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

43.7%

JSON

Summary

ISC DHCP server on IBM i is vulnerable to a denial of service attack due to a memory leak in the fqdn_universe_decode function and a reference count overflow in the add_option function as described in the vulnerability details section. IBM i has addressed the vulnerabilities in ISC DHCP server with a fix as described in the remediation/fixes section.

Vulnerability Details

CVEID:CVE-2022-2929
**DESCRIPTION:**ISC DHCP is vulnerable to a denial of service, caused by a memory leak in the fqdn_universe_decode() function. By sending specially crafted DHCP packets for an extended period of time, a remote attacker from within the local network could exploit this vulnerability to cause the server to run out of memory.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/237823 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-2928
**DESCRIPTION:**ISC DHCP is vulnerable to a denial of service, caused by an option refcount overflow in the add_option() function. A remote attacker from within the local network could exploit this vulnerability to overflow the reference counters and cause the server to abort.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/237822 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM i	7.5
IBM i	7.4
IBM i	7.3
IBM i	7.2

Remediation/Fixes

The issue can be fixed by applying a PTF to IBM i. IBM i 7.5, 7.4, 7.3, and 7.2 will be fixed.

The IBM i PTF numbers contain the fix for the vulnerabilities.

IBM i Release| 5770-SS1
PTF Number| PTF Download Link
—|—|—
7.5| SI81438| SI81438
7.4| SI81439| SI81439
7.3| SI81440| SI81440
7.2| SI81441| SI81441

https://www.ibm.com/support/fixcentral

_Important note: _IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products.

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmibm_i_7.5_preventative_service_planningMatch7.4.0

ibmibm_i_7.5_preventative_service_planningMatch7.5.0

ibmibm_i_7.5_preventative_service_planningMatch7.3.0

ibmiMatch7.5.0

ibmiMatch7.4.0

ibmiMatch7.3.0

ibmiMatch7.2.0

ibmibm_i_7.5_preventative_service_planningMatch7.2.0

CPENameOperatorVersion
ibm i 7.4 preventative service planningeq7.4.0
ibm i 7.5 preventative service planningeq7.5.0
ibm i 7.3 preventative service planningeq7.3.0
ibm ieq7.5.0
ibm ieq7.4.0
ibm ieq7.3.0
ibm ieq7.2.0
ibm i 7.2 preventative service planningeq7.2.0

Name	Operator	Version
ibm i 7.4 preventative service planning	eq	7.4.0
ibm i 7.5 preventative service planning	eq	7.5.0
ibm i 7.3 preventative service planning	eq	7.3.0
ibm i	eq	7.5.0
ibm i	eq	7.4.0
ibm i	eq	7.3.0
ibm i	eq	7.2.0
ibm i 7.2 preventative service planning	eq	7.2.0