Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in DHCP.
Software Description:
- isc-dhcp: DHCP server and client
Details:
USN-3586-1 fixed a vulnerability in DHCP. This update provides
the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
Felix Wilhelm discovered that the DHCP client incorrectly handled
certain malformed responses. A remote attacker could use this issue to
cause the DHCP client to crash, resulting in a denial of service, or
possibly execute arbitrary code. In the default installation,
attackers would be isolated by the dhclient AppArmor profile.
(CVE-2018-5732)
Felix Wilhelm discovered that the DHCP server incorrectly handled
reference counting. A remote attacker could possibly use this issue to
cause the DHCP server to crash, resulting in a denial of service.
(CVE-2018-5733)
The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM: isc-dhcp-client 4.1.ESV-R4-0ubuntu5.13 isc-dhcp-relay 4.1.ESV-R4-0ubuntu5.13 isc-dhcp-server 4.1.ESV-R4-0ubuntu5.13 isc-dhcp-server-ldap 4.1.ESV-R4-0ubuntu5.13 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-3586-2
https://ubuntu.com/security/notices/USN-3586-1
CVE-2018-5732, CVE-2018-5733
Get the latest Linux and open source security news straight to your inbox.