662325 – (CVE-2010-3616) CVE-2010-3616 dhcp: server hangs with TCP to failover peer port

Bug 662325 (CVE-2010-3616) - CVE-2010-3616 dhcp: server hangs with TCP to failover peer port

Summary: CVE-2010-3616 dhcp: server hangs with TCP to failover peer port

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2010-3616
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	662326
Blocks:
TreeView+	depends on / blocked

Reported:	2010-12-11 16:03 UTC by Vincent Danen
Modified:	2021-03-26 15:08 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2019-06-10 10:57:30 UTC
Embargoed:

Attachments	(Terms of Use)

Description Vincent Danen 2010-12-11 16:03:55 UTC

A flaw was found in ISC's dhcpd [1] where, if a server receives a TCP connection on a port that has been configured for communication with a failover peer, it would be come unresponsive to all normal DHCP protocol traffic.  This will result in the server no longer providing DHCP services to clients until it is restarted.

This flaw only affects DHCP version 4.2 and is corrected in DHCP 4.2.0-P2 [2].  Previous versions of DHCP are not vulnerable.

Only current Fedora 14 and Rawhide ship dhcp-4.2.0 and are vulnerable to this issue.

[1] http://www.pubbs.net/201012/dhcp/9981-nagios-checktcp-kills-failover-then-dhcp-failure.html
[2] https://www.isc.org/software/dhcp/advisories/cve-2010-3616

Statement:

Not vulnerable.  This issue did not affect the versions of dhcp as shipped with Red Hat Enterprise Linux 3, 4, 5, or 6.

Comment 1 Vincent Danen 2010-12-11 16:05:17 UTC

Created dhcp tracking bugs for this issue

Affects: fedora-14 [bug 662326]

Note You need to log in before you can comment on or make changes to this bug.