Red Hat Bugzilla – Bug 672755
CVE-2011-0413 dhcp: unexpected abort caused by a DHCPv6 decline message
Last modified: 2011-04-19 04:10:38 EDT
We've been notified by ISC about the upcoming security advisory for ISC DHCP. This issue affects DHCPv6 server:
When the DHCPv6 server code processes a message for an address that was
previously declined and internally tagged as abandoned it can trigger an
assert failure resulting in the server crashing. This could be used to
crash DHCPv6 servers remotely. This issue only affects DHCPv6 servers.
DHCPv4 servers are unaffected.
Versions affected: 4.0.x-4.2.x
Solution: Upgrade to 4.1.2-P1, 4.1-ESV-R1, or 4.2.1b1
This also got US-CERT id VU#686084: http://www.kb.cert.org/vuls/id/686084
Red Hat would like to thank Internet Systems Consortium for reporting this issue.
This is now public:
Created attachment 475495 [details]
diff of upstream 4.1.2 and 4.1.2-P1
This is the relevant changes from upstream for this issue; 4.1.2-P1 only fixed this issue and nothing else; all the other changes omitted are copyright/$Id$ changes.
Created dhcp tracking bugs for this issue
Affects: fedora-all [bug 672996]
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2011:0256 https://rhn.redhat.com/errata/RHSA-2011-0256.html