Описание
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 237-3ubuntu10.49 |
| devel | released | 248.3-1ubuntu3 |
| esm-infra-legacy/trusty | needed | |
| esm-infra/bionic | released | 237-3ubuntu10.49 |
| esm-infra/focal | released | 245.4-4ubuntu3.10 |
| esm-infra/xenial | released | 229-4ubuntu21.31+esm1 |
| focal | released | 245.4-4ubuntu3.10 |
| groovy | released | 246.6-1ubuntu1.7 |
| hirsute | released | 247.3-3ubuntu3.4 |
| impish | released | 248.3-1ubuntu3 |
Показывать по
EPSS
2.9 Low
CVSS2
6.1 Medium
CVSS3
Связанные уязвимости
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.
An exploitable denial-of-service vulnerability exists in Systemd 245. ...
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.
ELSA-2021-4361: NetworkManager security, bug fix, and enhancement update (MODERATE)
EPSS
2.9 Low
CVSS2
6.1 Medium
CVSS3