Dhcp Buffer Overflow in 'dhclient' Lets Remote Servers Cause the Target Client to Crash
|
SecurityTracker Alert ID: 1040436 |
SecurityTracker URL: http://securitytracker.com/id/1040436
|
CVE Reference:
CVE-2018-5732
(Links to External Site)
|
Date: Feb 28 2018
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 4.1.0 - 4.1-ESV-R15, 4.2.0 - 4.2.8, 4.3.0 - 4.3.6, 4.4.0
|
Description:
A vulnerability was reported in Dhcp. A remote user can cause the target dhclient to crash.
A remote server can return a specially crafted response to trigger a buffer overflow in the processing of DHCP options and cause the target dhclient to crash.
Felix Wilhelm, Google Security Team, reported this vulnerability.
|
Impact:
A remote user can cause the target dhclient to crash.
|
Solution:
The vendor has issued a fix (4.1-ESV-R15-P1, 4.3.6-P1, 4.4.1).
The vendor advisory is available at:
https://kb.isc.org/article/AA-01565/75/CVE-2018-5732
|
Vendor URL: kb.isc.org/article/AA-01565/75/CVE-2018-5732 (Links to External Site)
|
Cause:
Boundary error
|
Underlying OS: Linux (Any), UNIX (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Subject: https://kb.isc.org/article/AA-01565/75/CVE-2018-5732
|
|
|