CVE-2020-7217

An nidhcp4fsmprocessdhcp4packet memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets with a different client-id...

CVE-2020-7216

An nidhcp4parseresponse memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets without a message type option...

SUSE CVE-2025-11232

To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "^A-Za-z0-9.-"; "hostname-char-replacement" must be empty the default; and "ddns-qualifying-suffix" must NOT be empty the default is empty. DDNS...

EUVD-2025-36693

To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "^A-Za-z0-9.-"; "hostname-char-replacement" must be empty the default; and "ddns-qualifying-suffix" must NOT be empty the default is empty. DDNS...

CVE-2025-11232

To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "^A-Za-z0-9.-"; "hostname-char-replacement" must be empty the default; and "ddns-qualifying-suffix" must NOT be empty the default is empty. DDNS...

CVE-2025-11232 Invalid characters cause assert

To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "^A-Za-z0-9.-"; "hostname-char-replacement" must be empty the default; and "ddns-qualifying-suffix" must NOT be empty the default is empty. DDNS...

CVE-2025-11232

Kea DHCP (ISC) vulnerability CVE-2025-11232 affects Kea 3.0.1 and 3.1.1–3.1.2. The root cause is an assertion triggered by three specific default config values: hostname-char-set uses the default [^A-Za-z0-9.-], hostname-char-replacement is empty, and ddns-qualifying-suffix is non-empty. When a c...

CVE-2025-11232 Invalid characters cause assert

To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "^A-Za-z0-9.-"; "hostname-char-replacement" must be empty the default; and "ddns-qualifying-suffix" must NOT be empty the default is empty. DDNS...

ISC KEA -- Invalid characters cause assert

Internet Systems Consortium, Inc. reports: To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "^A-Za-z0-9.-"; "hostname-char-replacement" must be empty the default; and "ddns-qualifying-suffix" must N...

EUVD-2020-28348

Malware in sbrugna...

EUVD-2020-28349

Malware in sbrugna...

FreeBSD : ISC KEA -- kea-dhcp4 aborts if client sends a broadcast request with particular options (f727fe60-8389-11f0-8438-001b217e4ee5)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f727fe60-8389-11f0-8438-001b217e4ee5 advisory. Internet Systems Consortium, Inc. reports: We corrected an issue in kea-dhcp4 that caused the server to...

SUSE CVE-2025-40779

If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...

CVE-2025-40779

If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...

ISC KEA -- kea-dhcp4 aborts if client sends a broadcast request with particular options

Internet Systems Consortium, Inc. reports: We corrected an issue in kea-dhcp4 that caused the server to abort if a client sent a broadcast request with particular options, and Kea failed to find an appropriate subnet for that client. This addresses CVE-2025-40779 4055, 4048...

Google Pixel Buffer Error Vulnerability

Google Pixel is a smartphone from Google, Inc. in the United States. A security vulnerability exists in Google Pixel, which stems from a missing bounds check issue in dhcp4SetPDNAddress of dhcp4Main.c, which may result in out-of-bounds writes...

SUSE: Security Advisory (SUSE-SU-2020:0351-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : wicked (SUSE-SU-2020:0410-1)

This update for wicked fixes the following issues : CVE-2019-18902: Fixed a use-after-free when receiving invalid DHCP6 client options bsc1160903. CVE-2019-18903: Fixed a use-after-free when receiving invalid DHCP6 IAPD option bsc1160904. CVE-2020-7216: Fixed a potential denial of service via a...

SUSE-SU-2020:0410-1 Security update for wicked

This update for wicked fixes the following issues: - CVE-2019-18902: Fixed a use-after-free when receiving invalid DHCP6 client options bsc1160903. - CVE-2019-18903: Fixed a use-after-free when receiving invalid DHCP6 IAPD option bsc1160904. - CVE-2020-7216: Fixed a potential denial of service vi...

openSUSE wicked denial of service vulnerability (CNVD-2020-33735)

openSUSE is a set of Linux-based free operating system and open source community project of the German SUSE company. A security vulnerability exists in the 'nidhcp4fsmprocessdhcp4packet' function in openSUSE wicked. A remote attacker can exploit this vulnerability to cause a denial of service wit...