CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
EPSS
Percentile
68.3%
In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other
branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and
releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no
longer supported by ISC. From inspection it is clear that the defect is
also present in releases from those series, but they have not been
officially tested for the vulnerability), The outcome of encountering the
defect while reading a lease that will trigger it varies, according to: the
component being affected (i.e., dhclient or dhcpd) whether the package was
built as a 32-bit or 64-bit binary whether the compiler flag
-fstack-protection-strong was used when compiling In dhclient, ISC has not
successfully reproduced the error on a 64-bit system. However, on a 32-bit
system it is possible to cause dhclient to crash when reading an improper
lease, which could cause network connectivity problems for an affected
system due to the absence of a running DHCP client process. In dhcpd, when
run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a
32-bit architecture AND the -fstack-protection-strong flag was specified to
the compiler, dhcpd may exit while parsing a lease file containing an
objectionable lease, resulting in lack of service to clients. Additionally,
the offending lease and the lease immediately following it in the lease
database may be improperly deleted. if the dhcpd server binary was built
for a 64-bit architecture OR if the -fstack-protection-strong compiler flag
was NOT specified, the crash will not occur, but it is possible for the
offending lease and the lease which immediately followed it to be
improperly deleted.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | isc-dhcp | < 4.3.5-3ubuntu7.3 | UNKNOWN |
ubuntu | 20.04 | noarch | isc-dhcp | < 4.4.1-2.1ubuntu5.20.04.2 | UNKNOWN |
ubuntu | 20.10 | noarch | isc-dhcp | < 4.4.1-2.1ubuntu10.1 | UNKNOWN |
ubuntu | 21.04 | noarch | isc-dhcp | < 4.4.1-2.2ubuntu6.1 | UNKNOWN |
ubuntu | 21.10 | noarch | isc-dhcp | < 4.4.1-2.2ubuntu7 | UNKNOWN |
ubuntu | 22.04 | noarch | isc-dhcp | < 4.4.1-2.2ubuntu7 | UNKNOWN |
ubuntu | 14.04 | noarch | isc-dhcp | < 4.2.4-7ubuntu12.13+esm1 | UNKNOWN |
ubuntu | 16.04 | noarch | isc-dhcp | < 4.3.3-5ubuntu12.10+esm1 | UNKNOWN |
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
EPSS
Percentile
68.3%