[pkg-dhcp-devel] Bug#611217: CVE-2011-0413: crash after DHCPv6 decline message
Raphael Geissert
geissert at debian.org
Wed Jan 26 21:24:19 UTC 2011
Package: isc-dhcp-server
Version: 4.1.1-P1-15
Severity: grave
Tags: security patch
Hi Ari,
Just as a public record, the following advisory (CVE-2011-0413[0]) has been
published by ISC[1]:
> When the DHCPv6 server code processes a message for an address that was
> previously declined and internally tagged as abandoned it can trigger an
> assert failure resulting in the server crashing. This could be used to
> crash DHCPv6 servers remotely. This issue only affects DHCPv6 servers.
> DHCPv4 servers are unaffected.
I'm attaching the patch that was used for 4.1-ESV, which applies almost
cleanly in 4.1.1-P1 (3 lines diff between hunks.) I have not tested it, though.
[0]http://security-tracker.debian.org/tracker/CVE-2011-0413
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0413
[1]http://www.isc.org/software/dhcp/advisories/cve-2011-0413
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cve-2011-0413.patch
Type: text/x-patch
Size: 1774 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-dhcp-devel/attachments/20110126/1e5d7c2b/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-dhcp-devel/attachments/20110126/1e5d7c2b/attachment.pgp>
More information about the pkg-dhcp-devel
mailing list