Bug 662325 (CVE-2010-3616) - CVE-2010-3616 dhcp: server hangs with TCP to failover peer port
Summary: CVE-2010-3616 dhcp: server hangs with TCP to failover peer port
Alias: CVE-2010-3616
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 662326
Reported: 2010-12-11 16:03 UTC by Vincent Danen
Modified: 2021-03-26 15:08 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2019-06-10 10:57:30 UTC

Description Vincent Danen 2010-12-11 16:03:55 UTC
A flaw was found in ISC's dhcpd [1] where, if a server receives a TCP connection on a port that has been configured for communication with a failover peer, it would become unresponsive to all normal DHCP protocol traffic.  This will result in the server no longer providing DHCP services to clients until it is restarted.

This flaw only affects DHCP version 4.2 and is corrected in DHCP 4.2.0-P2 [2].  Previous versions of DHCP are not vulnerable.

Only current Fedora 14 and Rawhide ship dhcp-4.2.0 and are vulnerable to this issue.

[1] http://www.pubbs.net/201012/dhcp/9981-nagios-checktcp-kills-failover-then-dhcp-failure.html
[2] https://www.isc.org/software/dhcp/advisories/cve-2010-3616


Not vulnerable.  This issue did not affect the versions of dhcp as shipped with Red Hat Enterprise Linux 3, 4, 5, or 6.

Comment 1 Vincent Danen 2010-12-11 16:05:17 UTC
Created dhcp tracking bugs for this issue

Affects: fedora-14 [bug 662326]
