Login
Newsletter
Werbung

Sicherheit: Denial of Service in DHCP (Aktualisierung)
Aktuelle Meldungen Distributionen
Name: Denial of Service in DHCP (Aktualisierung)
ID: USN-4969-2
Distribution: Ubuntu
Plattformen: Ubuntu 14.04 ESM, Ubuntu 16.04 ESM
Datum: Do, 27. Mai 2021, 22:54
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25217
Applikationen: ISC DHCP
Update von: Denial of Service in DHCP

Originalnachricht


--===============2786696352385803878==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="17pEHd4RhPHOinZp"
Content-Disposition: inline


--17pEHd4RhPHOinZp
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

==========================================================================
Ubuntu Security Notice USN-4969-2
May 27, 2021

isc-dhcp vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

DHCP could be made to crash if it received specially crafted network
traffic.

Software Description:
- isc-dhcp: DHCP server and client

Details:

USN-4969-1 fixed a vulnerability in DHCP. This update provides
the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.


Original advisory details:

Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly
handled lease file parsing. A remote attacker could possibly use this issue
to cause DHCP to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
isc-dhcp-client 4.3.3-5ubuntu12.10+esm1
isc-dhcp-server 4.3.3-5ubuntu12.10+esm1

Ubuntu 14.04 ESM:
isc-dhcp-client 4.2.4-7ubuntu12.13+esm1
isc-dhcp-server 4.2.4-7ubuntu12.13+esm1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-4969-2
https://ubuntu.com/security/notices/USN-4969-1
CVE-2021-25217

--17pEHd4RhPHOinZp
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAmCvkc8ACgkQRbznW4QL
H2nuMw/9EXY5WJYPQlu5PqsxPpzRyRQ1ihZgHSMKbzSBu1XLqdibXTSUh0XvAhpP
rexbqfM7XsRmq+fuT0+Jrz4oPNxcW0mkfjxpmrT7LT4WzuyhrfbxhIe029IaWM5J
SHtV3AZL/E/aP9Eiwl9VkSjbmjCb5y7oxGTzbqvlsNoqSEtbD750+cK4fQdaruTN
lHpqqfxb/58DW/l0YOGnN4ffCN4jopTf0HMYD8PYv+WF2HxVvAGGTMnVYgaGWeOK
nk+Q6+aoCdRPBlBTukiTuA3m8C4e9F+XdtIqw7lCc5/o/WkUlCbGkkRAfGS5YCho
v8+YcQR/RCqV5lzfw4wc3F4KJJxK1NsG3VZHAAjDEsNph7hHPp7wzw/CJrYr02CC
z14doHpGnRwNWn6HRssyJbsYi4Ufm0PJfKtz7Nk0SApvYLPRodWl9KbToA0jG5u3
dkX11U8+CoYw/ckr6BwO9Ri08vNn8mce5/SN3Bjy/Sdd5G844daVV9wW9RuzNv6l
M5/ureFoSPit7A9GUIJ5ZhU7xPI2sVQ9dBMOJeYGxOk20gMRV20SxFXtJUf6AWj0
bRLcNPkd9CvMaYxT6ESK4NN99qeaSNQDIDWG/l1ndS816KAyM0OiruKpwkcCVrEG
nKatBZTvctvmtLJwDLfxrjrOPvKjNkgbOnbBeGE7eFh0G9pee8c=
=KQ40
-----END PGP SIGNATURE-----

--17pEHd4RhPHOinZp--


--===============2786696352385803878==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung