We've been notified by ISC about the upcoming security advisory for ISC DHCP. This issue affects DHCPv6 server: When the DHCPv6 server code processes a message for an address that was previously declined and internally tagged as abandoned it can trigger an assert failure resulting in the server crashing. This could be used to crash DHCPv6 servers remotely. This issue only affects DHCPv6 servers. DHCPv4 servers are unaffected. Versions affected: 4.0.x-4.2.x Solution: Upgrade to 4.1.2-P1, 4.1-ESV-R1, or 4.2.1b1 This also got US-CERT id VU#686084: http://www.kb.cert.org/vuls/id/686084 Acknowledgement: Red Hat would like to thank Internet Systems Consortium for reporting this issue.
This is now public: http://www.isc.org/software/dhcp/advisories/cve-2011-0413
Created attachment 475495 [details] diff of upstream 4.1.2 and 4.1.2-P1 This is the relevant changes from upstream for this issue; 4.1.2-P1 only fixed this issue and nothing else; all the other changes omitted are copyright/$Id$ changes.
Created dhcp tracking bugs for this issue Affects: fedora-all [bug 672996]
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2011:0256 https://rhn.redhat.com/errata/RHSA-2011-0256.html