Lucene search

K
nvd[email protected]NVD:CVE-2021-25217
HistoryMay 26, 2021 - 10:15 p.m.

CVE-2021-25217

2021-05-2622:15:07
CWE-119
web.nvd.nist.gov
8
isc dhcp
vulnerability
4.1-esv-r1
4.1-esv-r16
4.4.0
4.4.2
32-bit
64-bit
compiler flag
dhclient
dhcpd
dhcpv4
dhcpv6
server binary
lease file

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.003

Percentile

68.3%

In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted.

Affected configurations

Nvd
Node
iscdhcpRange4.4.04.4.2
OR
iscdhcpMatch4.1-esvr1
OR
iscdhcpMatch4.1-esvr10
OR
iscdhcpMatch4.1-esvr10_b1
OR
iscdhcpMatch4.1-esvr10_rc1
OR
iscdhcpMatch4.1-esvr10b1
OR
iscdhcpMatch4.1-esvr10rc1
OR
iscdhcpMatch4.1-esvr11
OR
iscdhcpMatch4.1-esvr11_b1
OR
iscdhcpMatch4.1-esvr11_rc1
OR
iscdhcpMatch4.1-esvr11_rc2
OR
iscdhcpMatch4.1-esvr11b1
OR
iscdhcpMatch4.1-esvr11rc1
OR
iscdhcpMatch4.1-esvr11rc2
OR
iscdhcpMatch4.1-esvr12
OR
iscdhcpMatch4.1-esvr12-p1
OR
iscdhcpMatch4.1-esvr12_b1
OR
iscdhcpMatch4.1-esvr12_p1
OR
iscdhcpMatch4.1-esvr12b1
OR
iscdhcpMatch4.1-esvr13
OR
iscdhcpMatch4.1-esvr13_b1
OR
iscdhcpMatch4.1-esvr13b1
OR
iscdhcpMatch4.1-esvr14
OR
iscdhcpMatch4.1-esvr14_b1
OR
iscdhcpMatch4.1-esvr14b1
OR
iscdhcpMatch4.1-esvr15
OR
iscdhcpMatch4.1-esvr15-p1
OR
iscdhcpMatch4.1-esvr15_b1
OR
iscdhcpMatch4.1-esvr16
Node
fedoraprojectfedoraMatch33
OR
fedoraprojectfedoraMatch34
Node
debiandebian_linuxMatch9.0
Node
siemensruggedcom_rox_rx1400_firmwareRange<2.15.0
AND
siemensruggedcom_rox_rx1400Match-
Node
siemensruggedcom_rox_rx1500_firmwareRange2.3.02.15.0
AND
siemensruggedcom_rox_rx1500Match-
Node
siemensruggedcom_rox_rx1501_firmwareRange2.3.02.15.0
AND
siemensruggedcom_rox_rx1501Match-
Node
siemensruggedcom_rox_rx1510_firmwareRange2.3.02.15.0
AND
siemensruggedcom_rox_rx1510Match-
Node
siemensruggedcom_rox_rx1511_firmwareRange2.3.02.15.0
AND
siemensruggedcom_rox_rx1511Match-
Node
siemensruggedcom_rox_rx1512_firmwareRange2.3.02.15.0
AND
siemensruggedcom_rox_rx1512Match-
Node
siemensruggedcom_rox_rx1524_firmwareRange<2.15.0
AND
siemensruggedcom_rox_rx1524Match-
Node
siemensruggedcom_rox_rx1536_firmwareRange<2.15.0
AND
siemensruggedcom_rox_rx1536Match-
Node
siemensruggedcom_rox_rx5000_firmwareRange2.3.02.15.0
AND
siemensruggedcom_rox_rx5000Match-
Node
siemensruggedcom_rox_mx5000_firmwareRange2.3.02.15.0
AND
siemensruggedcom_rox_mx5000Match-
Node
netappontap_select_deploy_administration_utilityMatch-
OR
netappsolidfire_\&_hci_management_nodeMatch-
Node
siemenssinec_insRange<1.0
OR
siemenssinec_insMatch1.0-
OR
siemenssinec_insMatch1.0sp1
VendorProductVersionCPE
iscdhcp*cpe:2.3:a:isc:dhcp:*:*:*:*:*:*:*:*
iscdhcp4.1-esvcpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*
iscdhcp4.1-esvcpe:2.3:a:isc:dhcp:4.1-esv:r10:*:*:*:*:*:*
iscdhcp4.1-esvcpe:2.3:a:isc:dhcp:4.1-esv:r10_b1:*:*:*:*:*:*
iscdhcp4.1-esvcpe:2.3:a:isc:dhcp:4.1-esv:r10_rc1:*:*:*:*:*:*
iscdhcp4.1-esvcpe:2.3:a:isc:dhcp:4.1-esv:r10b1:*:*:*:*:*:*
iscdhcp4.1-esvcpe:2.3:a:isc:dhcp:4.1-esv:r10rc1:*:*:*:*:*:*
iscdhcp4.1-esvcpe:2.3:a:isc:dhcp:4.1-esv:r11:*:*:*:*:*:*
iscdhcp4.1-esvcpe:2.3:a:isc:dhcp:4.1-esv:r11_b1:*:*:*:*:*:*
iscdhcp4.1-esvcpe:2.3:a:isc:dhcp:4.1-esv:r11_rc1:*:*:*:*:*:*
Rows per page:
1-10 of 571

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.003

Percentile

68.3%