Bug 672755 (CVE-2011-0413) - CVE-2011-0413 dhcp: unexpected abort caused by a DHCPv6 decline message
Summary: CVE-2011-0413 dhcp: unexpected abort caused by a DHCPv6 decline message
Alias: CVE-2011-0413
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 672994 672995 672996
TreeView+ depends on / blocked
Reported: 2011-01-26 09:13 UTC by Tomas Hoger
Modified: 2021-02-24 16:41 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2011-04-19 08:10:38 UTC

Attachments (Terms of Use)
diff of upstream 4.1.2 and 4.1.2-P1 (3.14 KB, patch)
2011-01-26 23:20 UTC, Vincent Danen
no flags Details | Diff

System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2011:0256 0 normal SHIPPED_LIVE Moderate: dhcp security update 2011-02-15 18:47:02 UTC

Description Tomas Hoger 2011-01-26 09:13:17 UTC
We've been notified by ISC about the upcoming security advisory for ISC DHCP.  This issue affects DHCPv6 server:

  When the DHCPv6 server code processes a message for an address that was
  previously declined and internally tagged as abandoned it can trigger an
  assert failure resulting in the server crashing. This could be used to
  crash DHCPv6 servers remotely. This issue only affects DHCPv6 servers.
  DHCPv4 servers are unaffected.

  Versions affected: 4.0.x-4.2.x
  Solution: Upgrade to 4.1.2-P1, 4.1-ESV-R1, or 4.2.1b1

This also got US-CERT id VU#686084: http://www.kb.cert.org/vuls/id/686084


Red Hat would like to thank Internet Systems Consortium for reporting this issue.

Comment 4 Vincent Danen 2011-01-26 23:19:17 UTC
This is now public:


Comment 5 Vincent Danen 2011-01-26 23:20:35 UTC
Created attachment 475495 [details]
diff of upstream 4.1.2 and 4.1.2-P1

This is the relevant changes from upstream for this issue; 4.1.2-P1 only fixed this issue and nothing else; all the other changes omitted are copyright/$Id$ changes.

Comment 7 Vincent Danen 2011-01-26 23:22:40 UTC
Created dhcp tracking bugs for this issue

Affects: fedora-all [bug 672996]

Comment 8 errata-xmlrpc 2011-02-15 18:47:08 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2011:0256 https://rhn.redhat.com/errata/RHSA-2011-0256.html

Note You need to log in before you can comment on or make changes to this bug.