First published: Wed Dec 06 2017(Updated: )
A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested.
Credit: security-officer@isc.org security-officer@isc.org
Affected Software | Affected Version | How to fix |
---|---|---|
ISC DHCP | >=4.2.0<=4.2.8 | |
ISC DHCP | >=4.3.0<=4.3.6 | |
ISC DHCP | =4.1-esv | |
ISC DHCP | =4.1-esv-r1 | |
ISC DHCP | =4.1-esv-r10 | |
ISC DHCP | =4.1-esv-r10_b1 | |
ISC DHCP | =4.1-esv-r10_rc1 | |
ISC DHCP | =4.1-esv-r11 | |
ISC DHCP | =4.1-esv-r11_b1 | |
ISC DHCP | =4.1-esv-r11_rc1 | |
ISC DHCP | =4.1-esv-r11_rc2 | |
ISC DHCP | =4.1-esv-r12 | |
ISC DHCP | =4.1-esv-r12_b1 | |
ISC DHCP | =4.1-esv-r12_p1 | |
ISC DHCP | =4.1-esv-r13 | |
ISC DHCP | =4.1-esv-r13_b1 | |
ISC DHCP | =4.1-esv-r14 | |
ISC DHCP | =4.1-esv-r14_b1 | |
ISC DHCP | =4.1-esv-r15 | |
ISC DHCP | =4.1-esv-r2 | |
ISC DHCP | =4.1-esv-r3 | |
ISC DHCP | =4.1-esv-r3_b1 | |
ISC DHCP | =4.1-esv-r4 | |
ISC DHCP | =4.1-esv-r5 | |
ISC DHCP | =4.1-esv-r5_b1 | |
ISC DHCP | =4.1-esv-r5_rc1 | |
ISC DHCP | =4.1-esv-r5_rc2 | |
ISC DHCP | =4.1-esv-r6 | |
ISC DHCP | =4.1-esv-r7 | |
ISC DHCP | =4.1-esv-r8 | |
ISC DHCP | =4.1-esv-r8_b1 | |
ISC DHCP | =4.1-esv-r8_rc1 | |
ISC DHCP | =4.1-esv-r9 | |
ISC DHCP | =4.1-esv-r9_b1 | |
ISC DHCP | =4.1-esv-r9_rc1 | |
ISC DHCP | =4.1.0 | |
Redhat Enterprise Linux Desktop | =7.0 | |
Redhat Enterprise Linux Server | =7.0 | |
Redhat Enterprise Linux Server Aus | =7.4 | |
Redhat Enterprise Linux Server Aus | =7.6 | |
Redhat Enterprise Linux Server Eus | =7.4 | |
Redhat Enterprise Linux Server Eus | =7.5 | |
Redhat Enterprise Linux Server Eus | =7.6 | |
Redhat Enterprise Linux Server Tus | =7.4 | |
Redhat Enterprise Linux Server Tus | =7.6 | |
Redhat Enterprise Linux Workstation | =7.0 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =17.10 | |
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 | |
debian/isc-dhcp | <=4.2.2.dfsg.1-5+deb70u8<=4.3.1-6 | 4.3.5-3.1 4.3.5-3+deb9u1 4.3.1-6+deb8u3 |
debian/isc-dhcp | 4.4.1-2.3+deb11u2 4.4.1-2.3+deb11u1 4.4.3-P1-2 4.4.3-P1-5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.