Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
98
security advisoryRed Hat Enterprise Linuxnetwork protocolRed Hat Enterprise Linux 8 RHSA-2023:3000-01 Moderate: DHCP Security Fix
An update for dhcp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: dhcp security and bug fix update Advisory ID: RHSA-2023:3000-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:3000 Issue date: 2023-05-16 CVE Names: CVE-2022-2928 CVE-2022-2929 ==================================================================== 1. Summary: An update for dhcp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix(es): * dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort (CVE-2022-2928) * dhcp: DHCP memory leak (CVE-2022-2929) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information onchanges in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2132001 - CVE-2022-2929 dhcp: DHCP memory leak 2132002 - CVE-2022-2928 dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort 6. Package List: Red Hat Enterprise Linux BaseOS (v.8): Source: dhcp-4.3.6-49.el8.src.rpm aarch64: dhcp-client-4.3.6-49.el8.aarch64.rpm dhcp-client-debuginfo-4.3.6-49.el8.aarch64.rpm dhcp-debuginfo-4.3.6-49.el8.aarch64.rpm dhcp-debugsource-4.3.6-49.el8.aarch64.rpm dhcp-libs-4.3.6-49.el8.aarch64.rpm dhcp-libs-debuginfo-4.3.6-49.el8.aarch64.rpm dhcp-relay-4.3.6-49.el8.aarch64.rpm dhcp-relay-debuginfo-4.3.6-49.el8.aarch64.rpm dhcp-server-4.3.6-49.el8.aarch64.rpm dhcp-server-debuginfo-4.3.6-49.el8.aarch64.rpm noarch: dhcp-common-4.3.6-49.el8.noarch.rpm ppc64le: dhcp-client-4.3.6-49.el8.ppc64le.rpm dhcp-client-debuginfo-4.3.6-49.el8.ppc64le.rpm dhcp-debuginfo-4.3.6-49.el8.ppc64le.rpm dhcp-debugsource-4.3.6-49.el8.ppc64le.rpm dhcp-libs-4.3.6-49.el8.ppc64le.rpm dhcp-libs-debuginfo-4.3.6-49.el8.ppc64le.rpm dhcp-relay-4.3.6-49.el8.ppc64le.rpm dhcp-relay-debuginfo-4.3.6-49.el8.ppc64le.rpm dhcp-server-4.3.6-49.el8.ppc64le.rpm dhcp-server-debuginfo-4.3.6-49.el8.ppc64le.rpm s390x: dhcp-client-4.3.6-49.el8.s390x.rpm dhcp-client-debuginfo-4.3.6-49.el8.s390x.rpm dhcp-debuginfo-4.3.6-49.el8.s390x.rpm dhcp-debugsource-4.3.6-49.el8.s390x.rpm dhcp-libs-4.3.6-49.el8.s390x.rpm dhcp-libs-debuginfo-4.3.6-49.el8.s390x.rpm dhcp-relay-4.3.6-49.el8.s390x.rpm dhcp-relay-debuginfo-4.3.6-49.el8.s390x.rpm dhcp-server-4.3.6-49.el8.s390x.rpm dhcp-server-debuginfo-4.3.6-49.el8.s390x.rpm x86_64: dhcp-client-4.3.6-49.el8.x86_64.rpm dhcp-client-debuginfo-4.3.6-49.el8.i686.rpm dhcp-client-debuginfo-4.3.6-49.el8.x86_64.rpm dhcp-debuginfo-4.3.6-49.el8.i686.rpm dhcp-debuginfo-4.3.6-49.el8.x86_64.rpm dhcp-debugsource-4.3.6-49.el8.i686.rpm dhcp-debugsource-4.3.6-49.el8.x86_64.rpm dhcp-libs-4.3.6-49.el8.i686.rpm dhcp-libs-4.3.6-49.el8.x86_64.rpm dhcp-libs-debuginfo-4.3.6-49.el8.i686.rpm dhcp-libs-debuginfo-4.3.6-49.el8.x86_64.rpm dhcp-relay-4.3.6-49.el8.x86_64.rpm dhcp-relay-debuginfo-4.3.6-49.el8.i686.rpm dhcp-relay-debuginfo-4.3.6-49.el8.x86_64.rpm dhcp-server-4.3.6-49.el8.x86_64.rpm dhcp-server-debuginfo-4.3.6-49.el8.i686.rpm dhcp-server-debuginfo-4.3.6-49.el8.x86_64.rpm These packages are GPGsigned by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-2928 https://access.redhat.com/security/cve/CVE-2022-2929 https://access.redhat.com/security/updates/classification#moderate https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/8.8_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZGNwt9zjgjWX9erEAQjjvw/+Jw8GNCDAtyunlAQK0/tamRTxy66riF1m 54fmdZpVsm9rj/X5r3aawojmYvI85OEj7JRLQmjrVxlaYRdRo6nijkUlSAkD8fxP 3YWBc/xdxxrXWUHF+1e2q3oKg+rbsnOmvfEmaujhN9RC64t2ak5GH5NYdr3moxwA LKEr3N40kE//2t2tfkNSTrfMLeBHSSB8CCcJEjgkdYLJorXTF9OHUGfhpM+kssE8 4vVOjawKsmkfSJ6BM8cnmU0l4MnWrcTgsP8ulZ8Z+PAzsEOf8bYwkHB9n9f9uBPB fSepZkeMo0v2gizm7EVY4f1b2NstGjTDufG9Nqqc2Ier3CtHduEJtOAfiVqgudVb +bCxF2C1jehu7ZJBCy238cbUyrmqMGug6IwrumFcynuisaDwBbfxGudB2BGNNQSf p/DGAAQq8Q+ltS+k/oXxmOhuJjyVdEwOFPp3FCdM/7TLHKrMuHoa3EeXFy3gmH1q J2dt9q8n8BBtCf8I9rd4x0DuLzxFBHjtqktM2SWc7kgLYA7EAEDCt1riSI+YdEOF jRstPLVzU2r04W7Q6w8EJ4v6nKFucvPWwDXlRYuDrCLQpK9WzUbT7hKivwRZ1wYB rzDR/Np/T5pTCeoTC5dBN2vtDJlx1FpCnAhltrT+esljth/LMgMLvBzgZ83fwnnq CHt4PxgpAmE=qsFz -----END PGP SIGNATURE----- -- RHSA-announce mailing list
May 16, 2023
•Important
Red Hat
98
security advisoryRed Hat Enterprise Linuxmoderate severityRedHat Enterprise Linux 9 RHSA-2023-2502-01 Moderate DHCP Service Update
An update for dhcp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: dhcp security and enhancement update Advisory ID: RHSA-2023:2502-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:2502 Issue date: 2023-05-09 CVE Names: CVE-2022-2928 CVE-2022-2929 ==================================================================== 1. Summary: An update for dhcp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix(es): * dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort (CVE-2022-2928) * dhcp: DHCP memory leak (CVE-2022-2929) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed informationon changes in this release, see the Red Hat Enterprise Linux 9.2 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2095396 - [RFE] dhcp use systemd-sysusers2132001 - CVE-2022-2929 dhcp: DHCP memory leak 2132002 - CVE-2022-2928 dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort 6. Package List: Red Hat Enterprise Linux BaseOS (v.9): Source: dhcp-4.4.2-18.b1.el9.src.rpm aarch64: dhcp-client-4.4.2-18.b1.el9.aarch64.rpm dhcp-client-debuginfo-4.4.2-18.b1.el9.aarch64.rpm dhcp-debuginfo-4.4.2-18.b1.el9.aarch64.rpm dhcp-debugsource-4.4.2-18.b1.el9.aarch64.rpm dhcp-relay-4.4.2-18.b1.el9.aarch64.rpm dhcp-relay-debuginfo-4.4.2-18.b1.el9.aarch64.rpm dhcp-server-4.4.2-18.b1.el9.aarch64.rpm dhcp-server-debuginfo-4.4.2-18.b1.el9.aarch64.rpm noarch: dhcp-common-4.4.2-18.b1.el9.noarch.rpm ppc64le: dhcp-client-4.4.2-18.b1.el9.ppc64le.rpm dhcp-client-debuginfo-4.4.2-18.b1.el9.ppc64le.rpm dhcp-debuginfo-4.4.2-18.b1.el9.ppc64le.rpm dhcp-debugsource-4.4.2-18.b1.el9.ppc64le.rpm dhcp-relay-4.4.2-18.b1.el9.ppc64le.rpm dhcp-relay-debuginfo-4.4.2-18.b1.el9.ppc64le.rpm dhcp-server-4.4.2-18.b1.el9.ppc64le.rpm dhcp-server-debuginfo-4.4.2-18.b1.el9.ppc64le.rpm s390x: dhcp-client-4.4.2-18.b1.el9.s390x.rpm dhcp-client-debuginfo-4.4.2-18.b1.el9.s390x.rpm dhcp-debuginfo-4.4.2-18.b1.el9.s390x.rpm dhcp-debugsource-4.4.2-18.b1.el9.s390x.rpm dhcp-relay-4.4.2-18.b1.el9.s390x.rpm dhcp-relay-debuginfo-4.4.2-18.b1.el9.s390x.rpm dhcp-server-4.4.2-18.b1.el9.s390x.rpm dhcp-server-debuginfo-4.4.2-18.b1.el9.s390x.rpm x86_64: dhcp-client-4.4.2-18.b1.el9.x86_64.rpm dhcp-client-debuginfo-4.4.2-18.b1.el9.x86_64.rpm dhcp-debuginfo-4.4.2-18.b1.el9.x86_64.rpm dhcp-debugsource-4.4.2-18.b1.el9.x86_64.rpm dhcp-relay-4.4.2-18.b1.el9.x86_64.rpm dhcp-relay-debuginfo-4.4.2-18.b1.el9.x86_64.rpm dhcp-server-4.4.2-18.b1.el9.x86_64.rpm dhcp-server-debuginfo-4.4.2-18.b1.el9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-2928 https://access.redhat.com/security/cve/CVE-2022-2929 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index 8. Contact: The Red Hat security contact is . Morecontact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZFo0xdzjgjWX9erEAQjo7hAAkuIXb+7jvbfgVporTFkoXaCBJlNY4LRb ugTIUnzZ0xBBmaU6OpNz50atMV447UpihQXZEVcQ5KTtxpyJj0cuP61cz22XTxhm gByefYdayJqR5Ey7e7jBYuEK40/W186f4PPA6kpsYs4+eEtD2hGSlQvnGbjH7zPe rcrZ3sedLG6ea3NkgWPVaQeZ8wzl2xpAXezHn954/bngjQC30ouBQod+VkYNujH9 c89ovLgEyYei1TUdveEStGNnxhZwtAj+OxuL5fCj4VEAV75KfhCGNBC1WKv2gTs0 V7PTH+xT9GEEV1XR7I5A0RJqi3pVCsGAYEILyP1s5UhAohHLpfvH6QBUvOcRc3z7 eagfX/DmiMAtWhGvzh6+qamZsy2AhgPot8WYu7mRMW2VW/fC1j+8ZAAH/deloGNw L38UBLWFbEuWUprcSsun2UfHYjsYsugrgF3u5R4e7V4s5kfF4pUJLkMkLsxZmoQf y6dPdvHi8suO1rJtf2gQ29E8nQKHFnMq1fhPYhJZNVoeK7+Tv6kl0kbVmIQPcFIs AfXBt0vqMA70JHTSk25jRin1utajkX1PjAIIL2Co3NbKQLSACT+mJMIhBEBbr2yY t8rcCQJng+yqYwbwLIo33LnII06krJBlmO7Y9jMyJQixOTFmixEmX8Wf26C9cTFY zUtFx7TRzEY=wJde -----END PGP SIGNATURE----- -- RHSA-announce mailing list
May 09, 2023
Red Hat
100
security advisorymoderatememory leakSUSE Linux 12-SP5: 2022:3992-1 Moderate: DHCP Memory Leak
An update that fixes two vulnerabilities is now available. . SUSE Security Update: Security update for dhcp ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:3992-1 Rating: moderate References: #1203988 #1203989 Cross-References: CVE-2022-2928 CVE-2022-2929 CVSS scores: CVE-2022-2928 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-2928 (SUSE): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-2929 (NVD) : 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-2929 (SUSE): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server for SAP Applications 12-SP5 SUSE Linux Enterprise Software Development Kit 12-SP5 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for dhcp fixes the following issues: - CVE-2022-2928: Fixed an option refcount overflow (bsc#1203988). - CVE-2022-2929: Fixed a DHCP memory leak (bsc#1203989). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-3992=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-3992=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): dhcp-debuginfo-4.3.3-10.28.1 dhcp-debugsource-4.3.3-10.28.1 dhcp-devel-4.3.3-10.28.1 - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): dhcp-4.3.3-10.28.1 dhcp-client-4.3.3-10.28.1 dhcp-client-debuginfo-4.3.3-10.28.1 dhcp-debuginfo-4.3.3-10.28.1 dhcp-debugsource-4.3.3-10.28.1 dhcp-relay-4.3.3-10.28.1 dhcp-relay-debuginfo-4.3.3-10.28.1 dhcp-server-4.3.3-10.28.1 dhcp-server-debuginfo-4.3.3-10.28.1 References: https://www.suse.com/security/cve/CVE-2022-2928.html https://www.suse.com/security/cve/CVE-2022-2929.html https://bugzilla.suse.com/1203988 https://bugzilla.suse.com/1203989 . A release from SUSE tackles significant vulnerabilities in DNS, categorized with intermediate severity ratings for corporate systems.. SUSE Linux, Security Update, DHCP Fixes, Enterprise Server, Software Patch. . LinuxSecurity.com Team
Nov 15, 2022
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!