vulnerability
Amazon Linux AMI 2: CVE-2017-3144: Security patch for dhcp (ALAS-2018-963)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Jan 16, 2019 | Apr 27, 2020 | Nov 27, 2024 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Jan 16, 2019
Added
Apr 27, 2020
Modified
Nov 27, 2024
Description
A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested.
Solutions
amazon-linux-ami-2-upgrade-dhclientamazon-linux-ami-2-upgrade-dhcpamazon-linux-ami-2-upgrade-dhcp-commonamazon-linux-ami-2-upgrade-dhcp-debuginfoamazon-linux-ami-2-upgrade-dhcp-develamazon-linux-ami-2-upgrade-dhcp-libs
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.