| Name | CVE-2018-5733 |
| Description | A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| References | DLA-1313-1, DSA-4133-1 |
| Debian Bugs | 891785 |
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|---|---|---|
| isc-dhcp (PTS) | buster | 4.4.1-2+deb10u1 | fixed |
| buster (security) | 4.4.1-2+deb10u3 | fixed | |
| bullseye | 4.4.1-2.3+deb11u2 | fixed | |
| bullseye (security) | 4.4.1-2.3+deb11u1 | fixed | |
| bookworm | 4.4.3-P1-2 | fixed | |
| sid, trixie | 4.4.3-P1-5 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| isc-dhcp | source | wheezy | 4.2.2.dfsg.1-5+deb70u9 | DLA-1313-1 | ||
| isc-dhcp | source | jessie | 4.3.1-6+deb8u3 | DSA-4133-1 | ||
| isc-dhcp | source | stretch | 4.3.5-3+deb9u1 | DSA-4133-1 | ||
| isc-dhcp | source | (unstable) | 4.3.5-3.1 | 891785 |
https://kb.isc.org/article/AA-01567/75/CVE-2018-5733
https://bugs.isc.org/Public/Bug/Display.html?id=47140
https://gitlab.isc.org/isc-projects/dhcp/-/commit/197b26f25309f947b97a83b8fdfc414b767798f8 (4.4.1)
Fixes for 4.3.6p1: https://gitlab.isc.org/isc-projects/dhcp/-/commit/99a25aedea02d9c259cb8fabf4be700fb32571a3