Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-2928

Опубликовано: 07 окт. 2022
Источник: debian
EPSS Низкий

Описание

In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
isc-dhcpfixed4.4.3-2.1package

Примечания

  • https://www.openwall.com/lists/oss-security/2022/10/05/1

  • https://downloads.isc.org/isc/dhcp/4.4.3-P1/patches/

  • https://downloads.isc.org/isc/dhcp/4.1-ESV-R16-P2/patches/

  • https://kb.isc.org/docs/cve-2022-2928

EPSS

Процентиль: 9%
0.00035
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2022-2928

CVSS3: 6.5
ubuntu
почти 3 года назад

In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.

redhat логотип

CVE-2022-2928

CVSS3: 6.5
redhat
почти 3 года назад

In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.

nvd логотип

CVE-2022-2928

CVSS3: 6.5
nvd
почти 3 года назад

In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.

msrc логотип

CVE-2022-2928

CVSS3: 6.5
msrc
около 1 года назад

Описание отсутствует

github логотип

GHSA-5fp7-mmwq-gvmw

CVSS3: 7.5
github
почти 3 года назад

In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.

EPSS

Процентиль: 9%
0.00035
Низкий