CVE-2017-3144

HIGH

ISC DHCP 4.1.0-4.1-ESV-R15, 4.2.0-4.2.8, 4.3.0-4.3.6 - Uncontrolled Resource Consumption via OMAPI Connection Cleanup

Title source: llm

Description

A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested.

References (6)

Core References
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:0158
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2018/dsa-4133
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/102726
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1040194
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/3586-1/
Vendor Advisory x_refsource_confirm
https://kb.isc.org/docs/aa-01541

Scores

CVSS v3 7.5
EPSS 0.1178
EPSS Percentile 93.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE CWE-400
Status published
Products (18)
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 17.10
debian/debian_linux 8.0
debian/debian_linux 9.0
isc/dhcp 4.1-esv (33 CPE variants)
isc/dhcp 4.1.0
isc/dhcp 4.2.0 - 4.2.8
redhat/enterprise_linux_desktop 7.0
redhat/enterprise_linux_server 7.0
... and 8 more
Published Jan 16, 2019
Tracked Since Feb 18, 2026