A potential remote denial of service attack affects version 3 of the ISC DHCPD server. This advisory provides fixed packages for Red Hat Linux 8.0.
The dhcp package provides the ISC Dynamic Host Configuration Protocol (DHCP) server and relay agent. DHCP is a protocol that allows devices to get their own network configuration information from a server.

Florian Lohoff reported that the ISC dhcrelay (dhcp-relay) in 3.0rc9 and earlier allows remote attackers to cause a denial of service (packet storm) by constructing a malicious BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop.

Red Hat Linux 8.0 shipped with a version of DHCP that is vulnerable to this issue. Other distributions of Red Hat Linux and Red Hat Linux Advanced Server are based on version 2 of DHCP, and are not vulnerable to this issue.

These erratum packages contain a patch that introduces a new command line switch to dhcrelay, "-c maxcount". This switch can be used to limit the hopcount and so avoid any infinite loops. We advise users of dhcp-relay to specify a small number for the maximum hop count; for example "dhcrelay -c 10".
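How a hop-count limit such as "-c maxcount" ends a forwarding loop, modelled as an added example (this is not the ISC or Red Hat patch): the relay checks the one-byte `hops` field at offset 3 of the BOOTP header (RFC 951) before each forward. The function names, the exact comparison and the loop model are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BOOTREQUEST   1
#define BOOTP_MIN_LEN 236  /* fixed BOOTP header size, RFC 951 */
#define HOPS_OFFSET   3    /* header starts: op, htype, hlen, hops */

enum relay_verdict { RELAY_FORWARD, RELAY_DROP_HOPS, RELAY_DROP_MALFORMED };

/* Hypothetical relay decision: drop a request whose hops field has reached
 * max_hops, otherwise increment hops in place and forward it. */
enum relay_verdict relay_request(uint8_t *pkt, size_t len, unsigned max_hops)
{
    if (pkt == NULL || len < BOOTP_MIN_LEN || pkt[0] != BOOTREQUEST)
        return RELAY_DROP_MALFORMED;
    if (pkt[HOPS_OFFSET] >= max_hops)
        return RELAY_DROP_HOPS;
    pkt[HOPS_OFFSET]++;            /* uint8_t: wraps from 255 to 0 */
    return RELAY_FORWARD;
}

/* Model of the loop: every forwarded packet arrives back at the relay.
 * Returns how many times it was forwarded before being dropped, or `cap`
 * if the relay was still forwarding when the simulation was stopped. */
unsigned forwards_in_loop(unsigned max_hops, unsigned cap)
{
    uint8_t pkt[BOOTP_MIN_LEN];    /* constructed sample request */
    unsigned n = 0;

    memset(pkt, 0, sizeof pkt);
    pkt[0] = BOOTREQUEST;          /* op */
    pkt[1] = 1;                    /* htype: Ethernet */
    pkt[2] = 6;                    /* hlen: MAC address length */
    while (n < cap && relay_request(pkt, sizeof pkt, max_hops) == RELAY_FORWARD)
        n++;
    return n;
}

int main(void)
{
    /* A limit of 256 can never match a one-byte field: no effective limit. */
    printf("limit 10:  %u forwards\n", forwards_in_loop(10, 1000));
    printf("limit 256: %u forwards (stopped by cap)\n", forwards_in_loop(256, 1000));
    return 0;
}
```

With a small limit the looping packet is dropped after that many forwards; a limit that the one-byte field can never reach leaves the loop running until something else stops it.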