[pkg-dhcp-devel] Bug#611217: CVE-2011-0413: crash after DHCPv6 decline message
Moritz Mühlenhoff
jmm at inutil.org
Wed Feb 2 20:15:39 UTC 2011
On Wed, Jan 26, 2011 at 03:24:19PM -0600, Raphael Geissert wrote:
> Package: isc-dhcp-server
> Version: 4.1.1-P1-15
> Severity: grave
> Tags: security patch
>
> Hi Ari,
>
> Just as a public record, the following advisory (CVE-2011-0413[0]) has been
> published by ISC[1]:
>
> > When the DHCPv6 server code processes a message for an address that was
> > previously declined and internally tagged as abandoned it can trigger an
> > assert failure resulting in the server crashing. This could be used to
> > crash DHCPv6 servers remotely. This issue only affects DHCPv6 servers.
> > DHCPv4 servers are unaffected.
>
> I'm attaching the patch that was used for 4.1-ESV, which applies almost
> cleanly in 4.1.1-P1 (3 lines diff between hunks.) I have not tested it, though.
>
>
> [0]http://security-tracker.debian.org/tracker/CVE-2011-0413
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0413
> [1]http://www.isc.org/software/dhcp/advisories/cve-2011-0413
Why was there no maintainer reaction since a week? No we need to prepare
a DSA for this :-/
Cheers,
Moritz
More information about the pkg-dhcp-devel
mailing list