Two flaws were found that could be used to cause the ISC DHCP server to halt when processing certain packets [1]. These could be used by an attacker to cause a denial of service for DHCP services. These flaws are corrected in upstream versions 3.1-ESV-R3, 4.1-ESV-R3 and 4.2.2. [1] http://www.isc.org/software/dhcp/advisories/cve-2011-2748
This is now public.
Created attachment 517663 [details] upstream 3.1-ESV-R1 -> 3.1-ESV-R3 patch Extracted patch from diffing R1 to R3 and removing all the extraneous copyright/CVS Id/non-code changes, so it should fix both flaws in 3.x versions of dhcp.
Created attachment 517665 [details] patch for dhcp-3.0.5 (RHEL-5) (In reply to comment #3) > Created attachment 517663 [details] > upstream 3.1-ESV-R1 -> 3.1-ESV-R3 patch Backported to 3.0.5 (RHEL-5)
Created attachment 517670 [details] patch for dhcp-4.1.1-P1 (RHEL-6) From diffing dhcp-4.1-ESV-R3b1 and dhcp-4.1-ESV-R3.
Created dhcp tracking bugs for this issue Affects: fedora-all [bug 729850]
Created attachment 517740 [details] Patch for dhcp-3.0.1 (RHEL-4)
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 Via RHSA-2011:1160 https://rhn.redhat.com/errata/RHSA-2011-1160.html