vulnerability
Oracle Linux: CVE-2018-5733: ELSA-2018-0469: dhcp security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:H/Au:N/C:N/I:N/A:C) | 02/28/2018 | 03/02/2020 | 01/07/2025 |
Severity
5
CVSS
(AV:N/AC:H/Au:N/C:N/I:N/A:C)
Published
02/28/2018
Added
03/02/2020
Modified
01/07/2025
Description
A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0.
A denial of service flaw was found in the way dhcpd handled reference counting when processing client requests. A malicious DHCP client could use this flaw to trigger a reference count overflow on the server side, potentially causing dhcpd to crash, by sending large amounts of traffic.
A denial of service flaw was found in the way dhcpd handled reference counting when processing client requests. A malicious DHCP client could use this flaw to trigger a reference count overflow on the server side, potentially causing dhcpd to crash, by sending large amounts of traffic.
Solution(s)
oracle-linux-upgrade-dhclientoracle-linux-upgrade-dhcporacle-linux-upgrade-dhcp-commonoracle-linux-upgrade-dhcp-develoracle-linux-upgrade-dhcp-libs
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.