Bug 729382 (CVE-2011-2748, CVE-2011-2749) - CVE-2011-2748 CVE-2011-2749 dhcp: denial of service flaws
Summary: CVE-2011-2748 CVE-2011-2749 dhcp: denial of service flaws
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2011-2748, CVE-2011-2749
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 729850 729879 729880 729881 729883 729885
Blocks: 729388
TreeView+ depends on / blocked
 
Reported: 2011-08-09 18:00 UTC by Vincent Danen
Modified: 2019-09-29 12:46 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-04-17 11:20:00 UTC
Embargoed:


Attachments (Terms of Use)
upstream 3.1-ESV-R1 -> 3.1-ESV-R3 patch (3.94 KB, patch)
2011-08-10 17:20 UTC, Vincent Danen
no flags Details | Diff
patch for dhcp-3.0.5 (RHEL-5) (4.68 KB, patch)
2011-08-10 17:41 UTC, Jiri Popelka
no flags Details | Diff
patch for dhcp-4.1.1-P1 (RHEL-6) (2.74 KB, patch)
2011-08-10 18:15 UTC, Jiri Popelka
no flags Details | Diff
Patch for dhcp-3.0.1 (RHEL-4) (4.31 KB, patch)
2011-08-11 06:36 UTC, Jiri Popelka
no flags Details | Diff


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2011:1160 0 normal SHIPPED_LIVE Moderate: dhcp security update 2011-08-15 17:38:38 UTC

Description Vincent Danen 2011-08-09 18:00:50 UTC
Two flaws were found that could be used to cause the ISC DHCP server to halt when processing certain packets [1]. These could be used by an attacker to cause a denial of service for DHCP services.

These flaws are corrected in upstream versions 3.1-ESV-R3, 4.1-ESV-R3 and 4.2.2.

[1] http://www.isc.org/software/dhcp/advisories/cve-2011-2748

Comment 2 Vincent Danen 2011-08-10 17:11:42 UTC
This is now public.

Comment 3 Vincent Danen 2011-08-10 17:20:27 UTC
Created attachment 517663 [details]
upstream 3.1-ESV-R1 -> 3.1-ESV-R3 patch

Extracted patch from diffing R1 to R3 and removing all the extraneous copyright/CVS Id/non-code changes, so it should fix both flaws in 3.x versions of dhcp.

Comment 4 Jiri Popelka 2011-08-10 17:41:04 UTC
Created attachment 517665 [details]
patch for dhcp-3.0.5 (RHEL-5)

(In reply to comment #3)
> Created attachment 517663 [details]
> upstream 3.1-ESV-R1 -> 3.1-ESV-R3 patch

Backported to 3.0.5 (RHEL-5)

Comment 5 Jiri Popelka 2011-08-10 18:15:27 UTC
Created attachment 517670 [details]
patch for dhcp-4.1.1-P1 (RHEL-6)

From diffing dhcp-4.1-ESV-R3b1 and dhcp-4.1-ESV-R3.

Comment 7 Huzaifa S. Sidhpurwala 2011-08-11 03:06:09 UTC
Created dhcp tracking bugs for this issue

Affects: fedora-all [bug 729850]

Comment 8 Huzaifa S. Sidhpurwala 2011-08-11 03:07:03 UTC
Created dhcp tracking bugs for this issue

Affects: fedora-all [bug 729850]

Comment 9 Jiri Popelka 2011-08-11 06:36:32 UTC
Created attachment 517740 [details]
Patch for dhcp-3.0.1 (RHEL-4)

Comment 11 errata-xmlrpc 2011-08-15 17:38:45 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6
  Red Hat Enterprise Linux 5
  Red Hat Enterprise Linux 4

Via RHSA-2011:1160 https://rhn.redhat.com/errata/RHSA-2011-1160.html


Note You need to log in before you can comment on or make changes to this bug.