Name | CVE-2018-5732 |
Description | Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affects ISC DHCP versions 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0 |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
References | DLA-1313-1, DSA-4133-1 |
Debian Bugs | 891786 |
The table below lists information on source packages.
Source Package | Release | Version | Status |
---|---|---|---|
isc-dhcp (PTS) | bullseye | 4.4.1-2.3+deb11u2 | fixed |
bullseye (security) | 4.4.1-2.3+deb11u1 | fixed | |
bookworm | 4.4.3-P1-2 | fixed | |
sid, trixie | 4.4.3-P1-5 | fixed |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|---|---|---|---|---|---|
isc-dhcp | source | wheezy | 4.2.2.dfsg.1-5+deb70u9 | DLA-1313-1 | ||
isc-dhcp | source | jessie | 4.3.1-6+deb8u3 | DSA-4133-1 | ||
isc-dhcp | source | stretch | 4.3.5-3+deb9u1 | DSA-4133-1 | ||
isc-dhcp | source | (unstable) | 4.3.5-3.1 | 891786 |
https://kb.isc.org/article/AA-01565/75/CVE-2018-5732
https://bugs.isc.org/Public/Bug/Display.html?id=47139
https://gitlab.isc.org/isc-projects/dhcp/-/commit/c5931725b48b121d232df4ba9e45bc41e0ba114d (4.4.1)
Fixes for 4.3.6p1: https://gitlab.isc.org/isc-projects/dhcp/-/commit/99a25aedea02d9c259cb8fabf4be700fb32571a3