CVE-2022-2929: DHCP memory leak
First published: Fri Oct 07 2022(Updated: )
In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.
Credit: security-officer@isc.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ISC DHCP Server | >=1.0.0<4.1-esv | |
| ISC DHCP Server | >=4.2.0<=4.4.3 | |
| ISC DHCP Server | =4.1-esv-r1 | |
| ISC DHCP Server | =4.1-esv-r10 | |
| ISC DHCP Server | =4.1-esv-r10_b1 | |
| ISC DHCP Server | =4.1-esv-r10_rc1 | |
| ISC DHCP Server | =4.1-esv-r10b1 | |
| ISC DHCP Server | =4.1-esv-r10rc1 | |
| ISC DHCP Server | =4.1-esv-r11 | |
| ISC DHCP Server | =4.1-esv-r11_b1 | |
| ISC DHCP Server | =4.1-esv-r11_rc1 | |
| ISC DHCP Server | =4.1-esv-r11_rc2 | |
| ISC DHCP Server | =4.1-esv-r11b1 | |
| ISC DHCP Server | =4.1-esv-r11rc1 | |
| ISC DHCP Server | =4.1-esv-r11rc2 | |
| ISC DHCP Server | =4.1-esv-r12 | |
| ISC DHCP Server | =4.1-esv-r12-p1 | |
| ISC DHCP Server | =4.1-esv-r12_b1 | |
| ISC DHCP Server | =4.1-esv-r12_p1 | |
| ISC DHCP Server | =4.1-esv-r12b1 | |
| ISC DHCP Server | =4.1-esv-r13 | |
| ISC DHCP Server | =4.1-esv-r13_b1 | |
| ISC DHCP Server | =4.1-esv-r13b1 | |
| ISC DHCP Server | =4.1-esv-r14 | |
| ISC DHCP Server | =4.1-esv-r14_b1 | |
| ISC DHCP Server | =4.1-esv-r14b1 | |
| ISC DHCP Server | =4.1-esv-r15 | |
| ISC DHCP Server | =4.1-esv-r15-p1 | |
| ISC DHCP Server | =4.1-esv-r15_b1 | |
| ISC DHCP Server | =4.1-esv-r16 | |
| ISC DHCP Server | =4.1-esv-r16-p1 | |
| Debian Debian Linux | =10.0 | |
| Fedoraproject Fedora | =35 | |
| Fedoraproject Fedora | =36 | |
| Fedoraproject Fedora | =37 |
Remedy
Upgrade to the patched release most closely related to your current version of ISC DHCP. These can all be downloaded from https://www.isc.org/downloads. 4.4.3-P1 4.1-ESV-R16-P2
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://kb.isc.org/docs/cve-2022-2929
- https://lists.debian.org/debian-lts-announce/2022/10/msg00015.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2SARIK7KZ7MGQIWDRWZFAOSQSPXY4GOU/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QQXYCIWUDILRCNBAIMVFCSGXBRKEPB4K/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T6IBFH4MRRNJQVWEKILQ6I6CXWW766FX/
- https://security.gentoo.org/glsa/202305-22
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQXYCIWUDILRCNBAIMVFCSGXBRKEPB4K/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T6IBFH4MRRNJQVWEKILQ6I6CXWW766FX/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SARIK7KZ7MGQIWDRWZFAOSQSPXY4GOU/
Frequently Asked Questions
What is CVE-2022-2929?
CVE-2022-2929 is a vulnerability in ISC DHCP that could allow an attacker to cause the DHCP server to run out of memory.
Which versions of ISC DHCP are affected by CVE-2022-2929?
ISC DHCP versions 1.0 to 4.4.3 and 4.1-ESV-R1 to 4.1-ESV-R16-P1 are affected by CVE-2022-2929.
What is the severity of CVE-2022-2929?
CVE-2022-2929 has a severity score of 6.5, which is considered medium.
How can CVE-2022-2929 be fixed?
To fix CVE-2022-2929, it is recommended to update to a patched version of ISC DHCP.
Where can I find more information about CVE-2022-2929?
More information about CVE-2022-2929 can be found in the references provided: [reference 1](https://kb.isc.org/docs/cve-2022-2929), [reference 2](https://lists.debian.org/debian-lts-announce/2022/10/msg00015.html), [reference 3](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2SARIK7KZ7MGQIWDRWZFAOSQSPXY4GOU/)
- agent/type
- agent/softwarecombine
- agent/author
- agent/title
- agent/severity
- agent/references
- agent/remedy
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/isc
- canonical/isc dhcp server
- version/isc dhcp server/1.0.0
- version/isc dhcp server/4.2.0
- version/isc dhcp server/4.4.3
- version/isc dhcp server/4.1-esv-r1
- version/isc dhcp server/4.1-esv-r10
- version/isc dhcp server/4.1-esv-r10_b1
- version/isc dhcp server/4.1-esv-r10_rc1
- version/isc dhcp server/4.1-esv-r10b1
- version/isc dhcp server/4.1-esv-r10rc1
- version/isc dhcp server/4.1-esv-r11
- version/isc dhcp server/4.1-esv-r11_b1
- version/isc dhcp server/4.1-esv-r11_rc1
- version/isc dhcp server/4.1-esv-r11_rc2
- version/isc dhcp server/4.1-esv-r11b1
- version/isc dhcp server/4.1-esv-r11rc1
- version/isc dhcp server/4.1-esv-r11rc2
- version/isc dhcp server/4.1-esv-r12
- version/isc dhcp server/4.1-esv-r12-p1
- version/isc dhcp server/4.1-esv-r12_b1
- version/isc dhcp server/4.1-esv-r12_p1
- version/isc dhcp server/4.1-esv-r12b1
- version/isc dhcp server/4.1-esv-r13
- version/isc dhcp server/4.1-esv-r13_b1
- version/isc dhcp server/4.1-esv-r13b1
- version/isc dhcp server/4.1-esv-r14
- version/isc dhcp server/4.1-esv-r14_b1
- version/isc dhcp server/4.1-esv-r14b1
- version/isc dhcp server/4.1-esv-r15
- version/isc dhcp server/4.1-esv-r15-p1
- version/isc dhcp server/4.1-esv-r15_b1
- version/isc dhcp server/4.1-esv-r16
- version/isc dhcp server/4.1-esv-r16-p1
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/10.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/35
- version/fedoraproject fedora/36
- version/fedoraproject fedora/37