CVE-2019-6472

NameCVE-2019-6472
DescriptionA packet containing a malformed DUID can cause the Kea DHCPv6 server process (kea-dhcp6) to exit due to an assertion failure. Versions affected: 1.4.0 to 1.5.0, 1.6.0-beta1, and 1.6.0-beta2.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitylow
Debian Bugs936040

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
isc-kea (PTS)stretch1.1.0-1vulnerable
sid1.5.0-2vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
isc-keasource(unstable)(unfixed)936040

Notes

[stretch] - isc-kea <no-dsa> (Minor issue)
https://kb.isc.org/docs/cve-2019-6472

Search for package or bug name: Reporting problems