Description
A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0.
References (10)
Core 10
Core References
Vendor Advisory
https://security.netapp.com/advisory/ntap-20250425-0010/
Vendor Advisory x_refsource_confirm
https://kb.isc.org/docs/aa-01567
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:0469
Third Party Advisory vendor-advisory
x_refsource_debian
https://www.debian.org/security/2018/dsa-4133
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3586-2/
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:0483
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3586-1/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/103188
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1040437
Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2018/03/msg00015.html
Scores
CVSS v3
7.5
EPSS
0.1026
EPSS Percentile
93.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-190
Status
published
Products (17)
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
16.04
canonical/ubuntu_linux
17.10
debian/debian_linux
7.0
debian/debian_linux
8.0
debian/debian_linux
9.0
isc/dhcp
4.1-esv (34 CPE variants)
isc/dhcp
4.1.0
isc/dhcp
4.4.0
isc/dhcp
4.2.0 - 4.2.8
... and 7 more
Published
Jan 16, 2019
Tracked Since
Feb 18, 2026