Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-11232

Опубликовано: 29 окт. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 7.5

Описание

To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "[^A-Za-z0-9.-]"; "hostname-char-replacement" must be empty (the default); and "ddns-qualifying-suffix" must NOT be empty (the default is empty). DDNS updates do not need to be enabled for this issue to manifest. A client that sends certain option content would then cause kea-dhcp4 to exit unexpectedly. This issue affects Kea versions 3.0.1 through 3.0.1 and 3.1.1 through 3.1.2.

РелизСтатусПримечание
devel

needs-triage

esm-apps/bionic

not-affected

code not present
esm-apps/focal

not-affected

code not present
esm-apps/jammy

not-affected

code not present
esm-apps/xenial

not-affected

code not present
jammy

not-affected

code not present
noble

not-affected

code not present
plucky

not-affected

code not present
questing

not-affected

code not present
upstream

not-affected

debian: Vulnerable code not present

Показывать по

Ссылки на источники

EPSS

Процентиль: 7%
0.00029
Низкий

7.5 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2025-11232

CVSS3: 7.5
nvd
около 2 месяцев назад

To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "[^A-Za-z0-9.-]"; "hostname-char-replacement" must be empty (the default); and "ddns-qualifying-suffix" must *NOT* be empty (the default is empty). DDNS updates do not need to be enabled for this issue to manifest. A client that sends certain option content would then cause kea-dhcp4 to exit unexpectedly. This issue affects Kea versions 3.0.1 through 3.0.1 and 3.1.1 through 3.1.2.

debian логотип

CVE-2025-11232

CVSS3: 7.5
debian
около 2 месяцев назад

To trigger the issue, three configuration parameters must have specifi ...

rocky логотип

RLSA-2025:21038

rocky
27 дней назад

Important: kea security update

github логотип

GHSA-wcxf-jmjh-x27q

CVSS3: 7.5
github
около 2 месяцев назад

To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "[^A-Za-z0-9.-]"; "hostname-char-replacement" must be empty (the default); and "ddns-qualifying-suffix" must *NOT* be empty (the default is empty). DDNS updates do not need to be enabled for this issue to manifest. A client that sends certain option content would then cause kea-dhcp4 to exit unexpectedly. This issue affects Kea versions 3.0.1 through 3.0.1 and 3.1.1 through 3.1.2.

oracle-oval логотип

ELSA-2025-21038

oracle-oval
16 дней назад

ELSA-2025-21038: kea security update (IMPORTANT)

EPSS

Процентиль: 7%
0.00029
Низкий

7.5 High

CVSS3