CVE-2020-7217

Опубликовано: 11 фев. 2020

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets with a different client-id.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00011.html
Mailing List
Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1160906
Issue Tracking
Vendor Advisory
https://github.com/openSUSE/wicked/releases
Release Notes
Third Party Advisory
https://www.suse.com/security/cve/CVE-2020-7217/
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00011.html
Mailing List
Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1160906
Issue Tracking
Vendor Advisory
https://github.com/openSUSE/wicked/releases
Release Notes
Third Party Advisory
https://www.suse.com/security/cve/CVE-2020-7217/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opensuse:wicked:*:*:*:*:*:*:*:*

Версия до 0.6.55 (включая)

EPSS

Процентиль: 69%

0.00597

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-401

Связанные уязвимости

GHSA-j299-xp2p-5fm9

github

больше 3 лет назад

An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets with a different client-id.

openSUSE-SU-2020:0207-1

suse-cvrf

почти 6 лет назад

Security update for wicked

SUSE-SU-2020:0370-1

suse-cvrf

около 6 лет назад

Security update for wicked

SUSE-SU-2020:0347-1

suse-cvrf

около 6 лет назад

Security update for wicked

SUSE-SU-2020:0369-1

suse-cvrf

около 6 лет назад

Security update for wicked

EPSS

Процентиль: 69%

0.00597

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-401