CVE-2020-7216

Опубликовано: 05 фев. 2020

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An ni_dhcp4_parse_response memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets without a message type option.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00005.html
Mailing List
Vendor Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1160905
Issue Tracking
Permissions Required
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00005.html
Mailing List
Vendor Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1160905
Issue Tracking
Permissions Required
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opensuse:wicked:*:*:*:*:*:*:*:*

Версия до 0.6.55 (включая)

Конфигурация 2

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

EPSS

Процентиль: 56%

0.00341

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-401

Связанные уязвимости

GHSA-j34x-4223-w5xq

github

больше 3 лет назад

An ni_dhcp4_parse_response memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets without a message type option.

openSUSE-SU-2020:0165-1

suse-cvrf

около 6 лет назад

Security update for wicked

SUSE-SU-2020:0264-1

suse-cvrf

около 6 лет назад

Security update for wicked

SUSE-SU-2020:0263-1

suse-cvrf

около 6 лет назад

Security update for wicked

SUSE-SU-2020:0369-1

suse-cvrf

около 6 лет назад

Security update for wicked

EPSS

Процентиль: 56%

0.00341

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-401