Bug 662325 - (CVE-2010-3616) CVE-2010-3616 dhcp: server hangs with TCP to failover peer port
CVE-2010-3616 dhcp: server hangs with TCP to failover peer port
Status: NEW
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On: 662326
  Show dependency treegraph
Reported: 2010-12-11 11:03 EST by Vincent Danen
Modified: 2015-07-31 02:35 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Vincent Danen 2010-12-11 11:03:55 EST
A flaw was found in ISC's dhcpd [1] where, if a server receives a TCP connection on a port that has been configured for communication with a failover peer, it would be come unresponsive to all normal DHCP protocol traffic.  This will result in the server no longer providing DHCP services to clients until it is restarted.

This flaw only affects DHCP version 4.2 and is corrected in DHCP 4.2.0-P2 [2].  Previous versions of DHCP are not vulnerable.

Only current Fedora 14 and Rawhide ship dhcp-4.2.0 and are vulnerable to this issue.

[1] http://www.pubbs.net/201012/dhcp/9981-nagios-checktcp-kills-failover-then-dhcp-failure.html
[2] https://www.isc.org/software/dhcp/advisories/cve-2010-3616


Not vulnerable.  This issue did not affect the versions of dhcp as shipped with Red Hat Enterprise Linux 3, 4, 5, or 6.
Comment 1 Vincent Danen 2010-12-11 11:05:17 EST
Created dhcp tracking bugs for this issue

Affects: fedora-14 [bug 662326]

Note You need to log in before you can comment on or make changes to this bug.