Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 0 articles for you...
98
security advisoryRed Hat Enterprise Linuxnetwork protocolRed Hat Enterprise Linux 8 RHSA-2023:3000-01 Moderate: DHCP Security Fix
An update for dhcp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: dhcp security and bug fix update Advisory ID: RHSA-2023:3000-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:3000 Issue date: 2023-05-16 CVE Names: CVE-2022-2928 CVE-2022-2929 ==================================================================== 1. Summary: An update for dhcp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix(es): * dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort (CVE-2022-2928) * dhcp: DHCP memory leak (CVE-2022-2929) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information onchanges in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2132001 - CVE-2022-2929 dhcp: DHCP memory leak 2132002 - CVE-2022-2928 dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort 6. Package List: Red Hat Enterprise Linux BaseOS (v.8): Source: dhcp-4.3.6-49.el8.src.rpm aarch64: dhcp-client-4.3.6-49.el8.aarch64.rpm dhcp-client-debuginfo-4.3.6-49.el8.aarch64.rpm dhcp-debuginfo-4.3.6-49.el8.aarch64.rpm dhcp-debugsource-4.3.6-49.el8.aarch64.rpm dhcp-libs-4.3.6-49.el8.aarch64.rpm dhcp-libs-debuginfo-4.3.6-49.el8.aarch64.rpm dhcp-relay-4.3.6-49.el8.aarch64.rpm dhcp-relay-debuginfo-4.3.6-49.el8.aarch64.rpm dhcp-server-4.3.6-49.el8.aarch64.rpm dhcp-server-debuginfo-4.3.6-49.el8.aarch64.rpm noarch: dhcp-common-4.3.6-49.el8.noarch.rpm ppc64le: dhcp-client-4.3.6-49.el8.ppc64le.rpm dhcp-client-debuginfo-4.3.6-49.el8.ppc64le.rpm dhcp-debuginfo-4.3.6-49.el8.ppc64le.rpm dhcp-debugsource-4.3.6-49.el8.ppc64le.rpm dhcp-libs-4.3.6-49.el8.ppc64le.rpm dhcp-libs-debuginfo-4.3.6-49.el8.ppc64le.rpm dhcp-relay-4.3.6-49.el8.ppc64le.rpm dhcp-relay-debuginfo-4.3.6-49.el8.ppc64le.rpm dhcp-server-4.3.6-49.el8.ppc64le.rpm dhcp-server-debuginfo-4.3.6-49.el8.ppc64le.rpm s390x: dhcp-client-4.3.6-49.el8.s390x.rpm dhcp-client-debuginfo-4.3.6-49.el8.s390x.rpm dhcp-debuginfo-4.3.6-49.el8.s390x.rpm dhcp-debugsource-4.3.6-49.el8.s390x.rpm dhcp-libs-4.3.6-49.el8.s390x.rpm dhcp-libs-debuginfo-4.3.6-49.el8.s390x.rpm dhcp-relay-4.3.6-49.el8.s390x.rpm dhcp-relay-debuginfo-4.3.6-49.el8.s390x.rpm dhcp-server-4.3.6-49.el8.s390x.rpm dhcp-server-debuginfo-4.3.6-49.el8.s390x.rpm x86_64: dhcp-client-4.3.6-49.el8.x86_64.rpm dhcp-client-debuginfo-4.3.6-49.el8.i686.rpm dhcp-client-debuginfo-4.3.6-49.el8.x86_64.rpm dhcp-debuginfo-4.3.6-49.el8.i686.rpm dhcp-debuginfo-4.3.6-49.el8.x86_64.rpm dhcp-debugsource-4.3.6-49.el8.i686.rpm dhcp-debugsource-4.3.6-49.el8.x86_64.rpm dhcp-libs-4.3.6-49.el8.i686.rpm dhcp-libs-4.3.6-49.el8.x86_64.rpm dhcp-libs-debuginfo-4.3.6-49.el8.i686.rpm dhcp-libs-debuginfo-4.3.6-49.el8.x86_64.rpm dhcp-relay-4.3.6-49.el8.x86_64.rpm dhcp-relay-debuginfo-4.3.6-49.el8.i686.rpm dhcp-relay-debuginfo-4.3.6-49.el8.x86_64.rpm dhcp-server-4.3.6-49.el8.x86_64.rpm dhcp-server-debuginfo-4.3.6-49.el8.i686.rpm dhcp-server-debuginfo-4.3.6-49.el8.x86_64.rpm These packages are GPGsigned by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-2928 https://access.redhat.com/security/cve/CVE-2022-2929 https://access.redhat.com/security/updates/classification#moderate https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/8.8_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZGNwt9zjgjWX9erEAQjjvw/+Jw8GNCDAtyunlAQK0/tamRTxy66riF1m 54fmdZpVsm9rj/X5r3aawojmYvI85OEj7JRLQmjrVxlaYRdRo6nijkUlSAkD8fxP 3YWBc/xdxxrXWUHF+1e2q3oKg+rbsnOmvfEmaujhN9RC64t2ak5GH5NYdr3moxwA LKEr3N40kE//2t2tfkNSTrfMLeBHSSB8CCcJEjgkdYLJorXTF9OHUGfhpM+kssE8 4vVOjawKsmkfSJ6BM8cnmU0l4MnWrcTgsP8ulZ8Z+PAzsEOf8bYwkHB9n9f9uBPB fSepZkeMo0v2gizm7EVY4f1b2NstGjTDufG9Nqqc2Ier3CtHduEJtOAfiVqgudVb +bCxF2C1jehu7ZJBCy238cbUyrmqMGug6IwrumFcynuisaDwBbfxGudB2BGNNQSf p/DGAAQq8Q+ltS+k/oXxmOhuJjyVdEwOFPp3FCdM/7TLHKrMuHoa3EeXFy3gmH1q J2dt9q8n8BBtCf8I9rd4x0DuLzxFBHjtqktM2SWc7kgLYA7EAEDCt1riSI+YdEOF jRstPLVzU2r04W7Q6w8EJ4v6nKFucvPWwDXlRYuDrCLQpK9WzUbT7hKivwRZ1wYB rzDR/Np/T5pTCeoTC5dBN2vtDJlx1FpCnAhltrT+esljth/LMgMLvBzgZ83fwnnq CHt4PxgpAmE=qsFz -----END PGP SIGNATURE----- -- RHSA-announce mailing list
May 16, 2023
•Important
Red Hat
98
security advisorysecurity fixRed Hat Enterprise LinuxRed Hat 9: RHSA-2022-8385-01 Moderate: DHCP Cache Poisoning Fix
An update for dhcp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: dhcp security and enhancement update Advisory ID: RHSA-2022:8385-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:8385 Issue date: 2022-11-15 CVE Names: CVE-2021-25220 ==================================================================== 1. Summary: An update for dhcp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix(es): * bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Noteslinked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2064512 - CVE-2021-25220 bind: DNS forwarders - cache poisoning vulnerability 6. Package List: Red Hat Enterprise Linux BaseOS (v. 9): Source: dhcp-4.4.2-17.b1.el9.src.rpm aarch64: dhcp-client-4.4.2-17.b1.el9.aarch64.rpm dhcp-client-debuginfo-4.4.2-17.b1.el9.aarch64.rpm dhcp-debuginfo-4.4.2-17.b1.el9.aarch64.rpm dhcp-debugsource-4.4.2-17.b1.el9.aarch64.rpm dhcp-relay-4.4.2-17.b1.el9.aarch64.rpm dhcp-relay-debuginfo-4.4.2-17.b1.el9.aarch64.rpm dhcp-server-4.4.2-17.b1.el9.aarch64.rpm dhcp-server-debuginfo-4.4.2-17.b1.el9.aarch64.rpm noarch: dhcp-common-4.4.2-17.b1.el9.noarch.rpm ppc64le: dhcp-client-4.4.2-17.b1.el9.ppc64le.rpm dhcp-client-debuginfo-4.4.2-17.b1.el9.ppc64le.rpm dhcp-debuginfo-4.4.2-17.b1.el9.ppc64le.rpm dhcp-debugsource-4.4.2-17.b1.el9.ppc64le.rpm dhcp-relay-4.4.2-17.b1.el9.ppc64le.rpm dhcp-relay-debuginfo-4.4.2-17.b1.el9.ppc64le.rpm dhcp-server-4.4.2-17.b1.el9.ppc64le.rpm dhcp-server-debuginfo-4.4.2-17.b1.el9.ppc64le.rpm s390x: dhcp-client-4.4.2-17.b1.el9.s390x.rpm dhcp-client-debuginfo-4.4.2-17.b1.el9.s390x.rpm dhcp-debuginfo-4.4.2-17.b1.el9.s390x.rpm dhcp-debugsource-4.4.2-17.b1.el9.s390x.rpm dhcp-relay-4.4.2-17.b1.el9.s390x.rpm dhcp-relay-debuginfo-4.4.2-17.b1.el9.s390x.rpm dhcp-server-4.4.2-17.b1.el9.s390x.rpm dhcp-server-debuginfo-4.4.2-17.b1.el9.s390x.rpm x86_64: dhcp-client-4.4.2-17.b1.el9.x86_64.rpm dhcp-client-debuginfo-4.4.2-17.b1.el9.x86_64.rpm dhcp-debuginfo-4.4.2-17.b1.el9.x86_64.rpm dhcp-debugsource-4.4.2-17.b1.el9.x86_64.rpm dhcp-relay-4.4.2-17.b1.el9.x86_64.rpm dhcp-relay-debuginfo-4.4.2-17.b1.el9.x86_64.rpm dhcp-server-4.4.2-17.b1.el9.x86_64.rpm dhcp-server-debuginfo-4.4.2-17.b1.el9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are availablefrom https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2021-25220 https://access.redhat.com/security/updates/classification#moderate https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.1_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY3OMVdzjgjWX9erEAQgg5Q/9GNmAtI+t0NtxLdcGCTpheqhoVZG1vHjN voHisaK5bsP1qFF7ZbKKN7bLfwzJwkV33KrdFW3vO/by8/N8U07qGryYoKnuF7jX 9H2mn7gJMEIt++7FFjhJm2VehvxmnSN2awX5aUydUnKbfXaP77XOk2fb4Jg6rFKl pvrL9vl7TQpJQzLp8eFI/w1zMrU6aALBIy4bw/panKetYsDRWGA+tIQEM9qm2n4X V9VpiP3CmCrCTYn6MHePjiUkBN252qeU0Qr81VVn4UWBeyyykdClSUgJhBB2aS3z TSXDjO8WVbTDXWQ1bFRFQa57Z3IoBQoUB3Yj2HQN1b2iV7U29YXawnA/RmNHgyar H8dmtGy5rrdd8nYUSGnxqag3zmViEgc4HsQ4NGTPIh38kjj8qohicjgKUClZAxmG nsH2pKpwkMtalYrkfBIArIAeN7FQMAgZIkO3S9lJOtA+C7NSrrvKGTzQSlwgsLQw 5MqdZSNRwUt31o8+QxZcO1hFgLRx++w9chU5xgECEXWGqXGCHW6zF/JL0PUZhOdi DbZOkPIdfM4Cx89BSaR1c7zwKyRLcsB737ZC+c80lTpRVQXsSX0otJup1+Bx54DW tvPv8ywupwhiXPF9qFczUVCRsfIQfr5gf3LFEk4lbgRl9h3fK6lV/whgSH63AK2P OhiYTf67ksE=N5XF -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Nov 15, 2022
Red Hat
98
security advisoryRed Hatbuffer overflowRed Hat: RHSA-2021-2415-01 Important DHCP Buffer Overflow Issue
An update for dhcp is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: dhcp security update Advisory ID: RHSA-2021:2415-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2415 Issue date: 2021-06-14 CVE Names: CVE-2021-25217 ==================================================================== 1. Summary: An update for dhcp is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.3) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.3) - x86_64 3. Description: The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix(es): * dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply thisupdate, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1963258 - CVE-2021-25217 dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient 6. Package List: Red Hat Enterprise Linux Server AUS (v. 7.3): Source: dhcp-4.2.5-47.el7_3.2.src.rpm x86_64: dhclient-4.2.5-47.el7_3.2.x86_64.rpm dhcp-4.2.5-47.el7_3.2.x86_64.rpm dhcp-common-4.2.5-47.el7_3.2.x86_64.rpm dhcp-debuginfo-4.2.5-47.el7_3.2.i686.rpm dhcp-debuginfo-4.2.5-47.el7_3.2.x86_64.rpm dhcp-libs-4.2.5-47.el7_3.2.i686.rpm dhcp-libs-4.2.5-47.el7_3.2.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 7.3): x86_64: dhcp-debuginfo-4.2.5-47.el7_3.2.i686.rpm dhcp-debuginfo-4.2.5-47.el7_3.2.x86_64.rpm dhcp-devel-4.2.5-47.el7_3.2.i686.rpm dhcp-devel-4.2.5-47.el7_3.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2021-25217 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYMevOtzjgjWX9erEAQjnew/+PuowTw+ecMLl6J0anstu6jdg4vtmfRx3 DSSPxKZglEIKPLEu8/IBbu+FTAMtrS6GSGjHcGkZYkbaF7iTrUlv6h9Si4VEys4K yA29JWy1wYmvvfWKkJeVrRfC8WB9irFxeXL3gFmYUC2EE2i028eUcaPkFWtcTtlY TxQ9NLTNIC0tqJcQibZUlS7Jdv7NFgMlGYe2Mt/f1ddxwzt1TKCg5eBSnnn7ysC0 hHvSt8KFQ4Hq79d06sqgPNKSUz5FDEBncDozpvPNfpLIPUpx/wlK8HslE+IySit/ G2RkE1VTnS86HHcaa/tAf2Rkh9mbvnd8b/kwOW62QSeGuqtLou4KYgvtScgmuoyx NG5HzUq4ly/cuuyxTMLRLuj9ValaLNEKwy2KbiqFuQdUOzYyvsx9R2Pek5h2ID1T d+CQSboecS3tNBr1+CJ+qCofWwGxuSrO3j5aWfafghxh+kbo1iqK42TuOuav/dmz zt/5KcqGMZE4588Sg+CHY6Yh4iY53BRa1886pUU9In+d4XKXDEtCXGAABAtj3hMC fyvSA6mXpKyN6gnhh6yko10LlzYxSNVf/VgRAsyQk8FpPK5RjUhgG48hWNivXiIm TCj1oukZhj2XFXyHHEVSGmpPat9aAhbvOdAJX0CifQUgC+1rnPMZmPj2qBhqQm6j 6yN1IebYnhQ=NxWC -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Jun 14, 2021
•Important
Red Hat
172
security advisorydenial of servicenetwork trafficUbuntu 12.04 LTS USN-1571-1 Moderate: isc-dhcp Denial Of Service
DHCP could be made to crash if it received specially crafted network traffic.. =========================================================================Ubuntu Security Notice USN-1571-1 September 18, 2012 dhcp3, isc-dhcp vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.04 LTS Summary: DHCP could be made to crash if it received specially crafted network traffic. Software Description: - isc-dhcp: DHCP server and client - dhcp3: DHCP server and client Details: Glen Eustace discovered that the DHCP server incorrectly handled IPv6 expiration times. A remote attacker could use this issue to cause DHCP to crash, resulting in a denial of service. This issue only affected Ubuntu 11.04, Ubuntu 11.10 and Ubuntu 12.04 LTS. (CVE-2012-3955) Dan Rosenberg discovered that the DHCP AppArmor profile could be escaped by using environment variables. This update mitigates the issue by sanitizing certain variables in the DHCP shell scripts. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: isc-dhcp-client 4.1.ESV-R4-0ubuntu5.5 isc-dhcp-server 4.1.ESV-R4-0ubuntu5.5 Ubuntu 11.10: isc-dhcp-client 4.1.1-P1-17ubuntu10.5 isc-dhcp-server 4.1.1-P1-17ubuntu10.5 Ubuntu 11.04: isc-dhcp-client 4.1.1-P1-15ubuntu9.6 isc-dhcp-server 4.1.1-P1-15ubuntu9.6 Ubuntu 10.04 LTS: dhcp3-client 3.1.3-2ubuntu3.4 dhcp3-server 3.1.3-2ubuntu3.4 In general, a standard system update will make all the necessary changes. References: CVE-2012-3955, https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1016643 Package Information: https://launchpad.net/ubuntu/+source/isc-dhcp/4.1.ESV-R4-0ubuntu5.5 https://launchpad.net/ubuntu/+source/isc-dhcp/4.1.1-P1-17ubuntu10.5 https://launchpad.net/ubuntu/+source/isc-dhcp/4.1.1-P1-15ubuntu9.6 https://launchpad.net/ubuntu/+source/dhcp3/3.1.3-2ubuntu3.4 . The Debian Security Advisory DSA-4565-1 outlines a vulnerability related to the management of files and recommends urgent upgrades for impacted distributions.. isc-dhcp Vulnerability, DHCP Crash Fix, Ubuntu 12.04 LTS Security. . LinuxSecurity.com Team
Sep 18, 2012
Ubuntu
98
security advisorysecurity issueDoS attackRed Hat 5 RHSA-2012:1140-01 Moderate: dhcp Denial of Service Fix
Updated dhcp packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: dhcp security update Advisory ID: RHSA-2012:1140-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2012:1140.html Issue date: 2012-08-03 CVE Names: CVE-2012-3571 ==================================================================== 1. Summary: Updated dhcp packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. A denial of service flaw was found in the way the dhcpd daemon handled zero-length client identifiers. A remote attacker could use this flaw to send a specially-crafted request to dhcpd, possibly causing it to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2012-3571) Upstream acknowledges Markus Hietava of the Codenomicon CROSS project as the original reporter of this issue. Users of DHCP should upgrade to these updated packages,which contain a backported patch to correct this issue. After installing this update, all DHCP servers will be restarted automatically. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 842420 - CVE-2012-3571 dhcp: DoS due to error in handling malformed client identifiers 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: i386: dhclient-3.0.5-31.el5_8.1.i386.rpm dhcp-debuginfo-3.0.5-31.el5_8.1.i386.rpm libdhcp4client-3.0.5-31.el5_8.1.i386.rpm x86_64: dhclient-3.0.5-31.el5_8.1.x86_64.rpm dhcp-debuginfo-3.0.5-31.el5_8.1.i386.rpm dhcp-debuginfo-3.0.5-31.el5_8.1.x86_64.rpm libdhcp4client-3.0.5-31.el5_8.1.i386.rpm libdhcp4client-3.0.5-31.el5_8.1.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: i386: dhcp-3.0.5-31.el5_8.1.i386.rpm dhcp-debuginfo-3.0.5-31.el5_8.1.i386.rpm dhcp-devel-3.0.5-31.el5_8.1.i386.rpm libdhcp4client-devel-3.0.5-31.el5_8.1.i386.rpm x86_64: dhcp-3.0.5-31.el5_8.1.x86_64.rpm dhcp-debuginfo-3.0.5-31.el5_8.1.i386.rpm dhcp-debuginfo-3.0.5-31.el5_8.1.x86_64.rpm dhcp-devel-3.0.5-31.el5_8.1.i386.rpm dhcp-devel-3.0.5-31.el5_8.1.x86_64.rpm libdhcp4client-devel-3.0.5-31.el5_8.1.i386.rpm libdhcp4client-devel-3.0.5-31.el5_8.1.x86_64.rpm Red Hat Enterprise Linux (v. 5server): Source: i386: dhclient-3.0.5-31.el5_8.1.i386.rpm dhcp-3.0.5-31.el5_8.1.i386.rpm dhcp-debuginfo-3.0.5-31.el5_8.1.i386.rpm dhcp-devel-3.0.5-31.el5_8.1.i386.rpm libdhcp4client-3.0.5-31.el5_8.1.i386.rpm libdhcp4client-devel-3.0.5-31.el5_8.1.i386.rpm ia64: dhclient-3.0.5-31.el5_8.1.ia64.rpm dhcp-3.0.5-31.el5_8.1.ia64.rpm dhcp-debuginfo-3.0.5-31.el5_8.1.ia64.rpm dhcp-devel-3.0.5-31.el5_8.1.ia64.rpm libdhcp4client-3.0.5-31.el5_8.1.ia64.rpm libdhcp4client-devel-3.0.5-31.el5_8.1.ia64.rpm ppc: dhclient-3.0.5-31.el5_8.1.ppc.rpm dhcp-3.0.5-31.el5_8.1.ppc.rpm dhcp-debuginfo-3.0.5-31.el5_8.1.ppc.rpm dhcp-debuginfo-3.0.5-31.el5_8.1.ppc64.rpm dhcp-devel-3.0.5-31.el5_8.1.ppc.rpm dhcp-devel-3.0.5-31.el5_8.1.ppc64.rpm libdhcp4client-3.0.5-31.el5_8.1.ppc.rpm libdhcp4client-3.0.5-31.el5_8.1.ppc64.rpm libdhcp4client-devel-3.0.5-31.el5_8.1.ppc.rpm libdhcp4client-devel-3.0.5-31.el5_8.1.ppc64.rpm s390x: dhclient-3.0.5-31.el5_8.1.s390x.rpm dhcp-3.0.5-31.el5_8.1.s390x.rpm dhcp-debuginfo-3.0.5-31.el5_8.1.s390.rpm dhcp-debuginfo-3.0.5-31.el5_8.1.s390x.rpm dhcp-devel-3.0.5-31.el5_8.1.s390.rpm dhcp-devel-3.0.5-31.el5_8.1.s390x.rpm libdhcp4client-3.0.5-31.el5_8.1.s390.rpm libdhcp4client-3.0.5-31.el5_8.1.s390x.rpm libdhcp4client-devel-3.0.5-31.el5_8.1.s390.rpm libdhcp4client-devel-3.0.5-31.el5_8.1.s390x.rpm x86_64: dhclient-3.0.5-31.el5_8.1.x86_64.rpm dhcp-3.0.5-31.el5_8.1.x86_64.rpm dhcp-debuginfo-3.0.5-31.el5_8.1.i386.rpm dhcp-debuginfo-3.0.5-31.el5_8.1.x86_64.rpm dhcp-devel-3.0.5-31.el5_8.1.i386.rpm dhcp-devel-3.0.5-31.el5_8.1.x86_64.rpm libdhcp4client-3.0.5-31.el5_8.1.i386.rpm libdhcp4client-3.0.5-31.el5_8.1.x86_64.rpm libdhcp4client-devel-3.0.5-31.el5_8.1.i386.rpm libdhcp4client-devel-3.0.5-31.el5_8.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7.References: https://access.redhat.com/security/cve/CVE-2012-3571 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQGyZzXlSAg2UNWIIRAsb0AJ9/TUNO3JmvLmg6hSOz/5UZuqQ68wCcCEJv jupifnoJK/NuU+dLA6j3KpU=DEre -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list
Aug 03, 2012
Red Hat
217
security advisoryDoSmoderate severityOracle Linux 6: ELSA-2011-1819 Moderate: DHCP DoS Threat
The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2011-1819 https://access.redhat.com/errata/RHSA-2011:1819.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: dhclient-4.1.1-25.P1.el6_2.1.i686.rpm dhcp-4.1.1-25.P1.el6_2.1.i686.rpm dhcp-common-4.1.1-25.P1.el6_2.1.i686.rpm dhcp-devel-4.1.1-25.P1.el6_2.1.i686.rpm x86_64: dhclient-4.1.1-25.P1.el6_2.1.x86_64.rpm dhcp-4.1.1-25.P1.el6_2.1.x86_64.rpm dhcp-common-4.1.1-25.P1.el6_2.1.x86_64.rpm dhcp-devel-4.1.1-25.P1.el6_2.1.i686.rpm dhcp-devel-4.1.1-25.P1.el6_2.1.x86_64.rpm SRPMS: https://oss.oracle.com:443/ol6/SRPMS-updates/dhcp-4.1.1-25.P1.el6_2.1.src.rpm Description of changes: [12:4.1.1-25.P1.1] - DoS due to processing certain regular expressions (CVE-2011-4539, #765682) . The Oracle Linux Advisory ELSA-2011-1820 outlines a significant update to OpenSSH aimed at addressing numerous vulnerabilities that could allow unauthorized access to system resources.. Oracle Linux Update, Moderate Security Update, DHCP Fix. . LinuxSecurity.com Team
Dec 17, 2011
Oracle
98
security advisorysecurity issuecode executionRed Hat Enterprise Linux 3: RHSA-2011:0840-01 Critical: DHCP Code Exec Risk
Updated dhcp packages that fix one security issue are now available for Red Hat Enterprise Linux 3 Extended Life Cycle Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Important: dhcp security update Advisory ID: RHSA-2011:0840-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2011:0840.html Issue date: 2011-05-31 CVE Names: CVE-2011-0997 ==================================================================== 1. Summary: Updated dhcp packages that fix one security issue are now available for Red Hat Enterprise Linux 3 Extended Life Cycle Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (v. 3 ELS) - i386 Red Hat Enterprise Linux ES (v. 3 ELS) - i386 3. Description: The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. It was discovered that the DHCP client daemon, dhclient, did not sufficiently sanitize certain options provided in DHCP server replies, such as the client hostname. A malicious DHCP server could send such an option with a specially-crafted value to a DHCP client. If this option's value was saved on the client system, and then later insecurely evaluated by a process that assumes the option is trusted, it could lead to arbitrary code execution with the privileges of that process. (CVE-2011-0997) Red Hat wouldlike to thank Sebastian Krahmer of the SuSE Security Team for reporting this issue. All dhclient users should upgrade to these updated packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 689832 - CVE-2011-0997 dhclient: insufficient sanitization of certain DHCP response values 6. Package List: Red Hat Enterprise Linux AS (v. 3 ELS): Source: dhcp-3.0.1-10.3_EL3.src.rpm i386: dhclient-3.0.1-10.3_EL3.i386.rpm dhcp-3.0.1-10.3_EL3.i386.rpm dhcp-debuginfo-3.0.1-10.3_EL3.i386.rpm dhcp-devel-3.0.1-10.3_EL3.i386.rpm Red Hat Enterprise Linux ES (v. 3 ELS): Source: dhcp-3.0.1-10.3_EL3.src.rpm i386: dhclient-3.0.1-10.3_EL3.i386.rpm dhcp-3.0.1-10.3_EL3.i386.rpm dhcp-debuginfo-3.0.1-10.3_EL3.i386.rpm dhcp-devel-3.0.1-10.3_EL3.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2011-0997 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFN5QSLXlSAg2UNWIIRAsdVAJ9mkD7RcbzsYOkK8JnEQsRSeelYuwCeNmZd LdK24/RBkJXiFOiY5pI8Eig=HTuE -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list
May 31, 2011
•Important
Red Hat
98
security advisoryRed Hat Enterprise Linuxmoderate severityRHSA-2010:0923-01 for Red Hat Enterprise Linux 6: Moderate DHCP Crash Issue
Updated dhcp packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Moderate: dhcp security update Advisory ID: RHSA-2010:0923-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2010:0923.html Issue date: 2010-11-30 CVE Names: CVE-2010-3611 ==================================================================== 1. Summary: Updated dhcp packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. DHCPv6 is the DHCP protocol version for IPv6 networks. A NULL pointer dereference flaw was discovered in the way the dhcpd daemon parsed DHCPv6 packets. A remote attacker could use this flaw to crash dhcpd via a specially-crafted DHCPv6 packet, if dhcpd wasrunning as a DHCPv6 server. (CVE-2010-3611) Users running dhcpd as a DHCPv6 server should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, all DHCP servers will be restarted automatically. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bugs fixed (http://bugzilla.redhat.com/): 649877 - CVE-2010-3611 dhcp: NULL pointer dereference crash via crafted DHCPv6 packet 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: i386: dhclient-4.1.1-12.P1.el6_0.1.i686.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.i686.rpm x86_64: dhclient-4.1.1-12.P1.el6_0.1.x86_64.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: i386: dhcp-4.1.1-12.P1.el6_0.1.i686.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.i686.rpm dhcp-devel-4.1.1-12.P1.el6_0.1.i686.rpm x86_64: dhcp-4.1.1-12.P1.el6_0.1.x86_64.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.i686.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.x86_64.rpm dhcp-devel-4.1.1-12.P1.el6_0.1.i686.rpm dhcp-devel-4.1.1-12.P1.el6_0.1.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: x86_64: dhclient-4.1.1-12.P1.el6_0.1.x86_64.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: x86_64: dhcp-4.1.1-12.P1.el6_0.1.x86_64.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.i686.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.x86_64.rpm dhcp-devel-4.1.1-12.P1.el6_0.1.i686.rpm dhcp-devel-4.1.1-12.P1.el6_0.1.x86_64.rpm Red Hat Enterprise Linux Server (v.6): Source: i386: dhclient-4.1.1-12.P1.el6_0.1.i686.rpm dhcp-4.1.1-12.P1.el6_0.1.i686.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.i686.rpm ppc64: dhclient-4.1.1-12.P1.el6_0.1.ppc64.rpm dhcp-4.1.1-12.P1.el6_0.1.ppc64.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.ppc64.rpm s390x: dhclient-4.1.1-12.P1.el6_0.1.s390x.rpm dhcp-4.1.1-12.P1.el6_0.1.s390x.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.s390x.rpm x86_64: dhclient-4.1.1-12.P1.el6_0.1.x86_64.rpm dhcp-4.1.1-12.P1.el6_0.1.x86_64.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: i386: dhcp-debuginfo-4.1.1-12.P1.el6_0.1.i686.rpm dhcp-devel-4.1.1-12.P1.el6_0.1.i686.rpm ppc64: dhcp-debuginfo-4.1.1-12.P1.el6_0.1.ppc.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.ppc64.rpm dhcp-devel-4.1.1-12.P1.el6_0.1.ppc.rpm dhcp-devel-4.1.1-12.P1.el6_0.1.ppc64.rpm s390x: dhcp-debuginfo-4.1.1-12.P1.el6_0.1.s390.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.s390x.rpm dhcp-devel-4.1.1-12.P1.el6_0.1.s390.rpm dhcp-devel-4.1.1-12.P1.el6_0.1.s390x.rpm x86_64: dhcp-debuginfo-4.1.1-12.P1.el6_0.1.i686.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.x86_64.rpm dhcp-devel-4.1.1-12.P1.el6_0.1.i686.rpm dhcp-devel-4.1.1-12.P1.el6_0.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: i386: dhclient-4.1.1-12.P1.el6_0.1.i686.rpm dhcp-4.1.1-12.P1.el6_0.1.i686.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.i686.rpm x86_64: dhclient-4.1.1-12.P1.el6_0.1.x86_64.rpm dhcp-4.1.1-12.P1.el6_0.1.x86_64.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: i386: dhcp-debuginfo-4.1.1-12.P1.el6_0.1.i686.rpm dhcp-devel-4.1.1-12.P1.el6_0.1.i686.rpm x86_64: dhcp-debuginfo-4.1.1-12.P1.el6_0.1.i686.rpm dhcp-debuginfo-4.1.1-12.P1.el6_0.1.x86_64.rpm dhcp-devel-4.1.1-12.P1.el6_0.1.i686.rpm dhcp-devel-4.1.1-12.P1.el6_0.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7.References: https://access.redhat.com/security/cve/CVE-2010-3611 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2010 Red Hat, Inc. . Important DHCP patch resolves NULL reference issue on Red Hat Enterprise Linux 6. Upgrade advised for DHCPv6 implementations.. dhcp security, Red Hat update, network protocol security, enterprise linux advisory. . LinuxSecurity.com Team
Nov 30, 2010
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!