First published: Mon May 28 2018(Updated: )
USN-3586-1 fixed a vulnerability in DHCP. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Felix Wilhelm discovered that the DHCP client incorrectly handled certain malformed responses. A remote attacker could use this issue to cause the DHCP client to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, attackers would be isolated by the dhclient AppArmor profile. (CVE-2018-5732) Felix Wilhelm discovered that the DHCP server incorrectly handled reference counting. A remote attacker could possibly use this issue to cause the DHCP server to crash, resulting in a denial of service. (CVE-2018-5733)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/isc-dhcp-server | <4.1.ESV-R4-0ubuntu5.13 | 4.1.ESV-R4-0ubuntu5.13 |
=12.04 | ||
All of | ||
ubuntu/isc-dhcp-relay | <4.1.ESV-R4-0ubuntu5.13 | 4.1.ESV-R4-0ubuntu5.13 |
=12.04 | ||
All of | ||
ubuntu/isc-dhcp-client | <4.1.ESV-R4-0ubuntu5.13 | 4.1.ESV-R4-0ubuntu5.13 |
=12.04 | ||
All of | ||
ubuntu/isc-dhcp-server-ldap | <4.1.ESV-R4-0ubuntu5.13 | 4.1.ESV-R4-0ubuntu5.13 |
=12.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of USN-3586-2 is CVE-2018-5732 and CVE-2018-5733.
The software affected by USN-3586-2 is isc-dhcp-server, isc-dhcp-relay, isc-dhcp-client, and isc-dhcp-server-ldap on Ubuntu 12.04.
The severity of the USN-3586-2 vulnerability is not mentioned in the provided information.
The remedy for USN-3586-2 is to update the isc-dhcp-server, isc-dhcp-relay, isc-dhcp-client, and isc-dhcp-server-ldap packages to version 4.1.ESV-R4-0ubuntu5.13 or later.
You can find more information about USN-3586-2 at the following references: [USN-3586-1](https://ubuntu.com/security/notices/USN-3586-1), [CVE-2018-5732](https://ubuntu.com/security/CVE-2018-5732), [CVE-2018-5733](https://ubuntu.com/security/CVE-2018-5733).