libdhcp.so is vulnerable to Denial Of Service (DoS). The vulnerability exists in fqdn_universe_decode()
function of option.c
when a system with access to a DHCP server which allows an attacker to crash the application via malicious inputs.
access.redhat.com/security/cve/cve-2022-2929
bugzilla.suse.com/show_bug.cgi?id=CVE-2022-2929
github.com/advisories/GHSA-wjcc-8xx5-frqg
github.com/isc-projects/dhcp/blob/master/common/options.c#L366
kb.isc.org/docs/cve-2022-2929
lists.debian.org/debian-lts-announce/2022/10/msg00015.html
lists.fedoraproject.org/archives/list/[email protected]/message/2SARIK7KZ7MGQIWDRWZFAOSQSPXY4GOU/
lists.fedoraproject.org/archives/list/[email protected]/message/QQXYCIWUDILRCNBAIMVFCSGXBRKEPB4K/
lists.fedoraproject.org/archives/list/[email protected]/message/T6IBFH4MRRNJQVWEKILQ6I6CXWW766FX/
security.gentoo.org/glsa/202305-22