In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system
with access to a DHCP server, sending DHCP packets crafted to include fqdn
labels longer than 63 bytes, could eventually cause the server to run out
of memory.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | isc-dhcp | <Â 4.3.5-3ubuntu7.4 | UNKNOWN |
ubuntu | 20.04 | noarch | isc-dhcp | <Â 4.4.1-2.1ubuntu5.20.04.4 | UNKNOWN |
ubuntu | 22.04 | noarch | isc-dhcp | <Â 4.4.1-2.3ubuntu2.3 | UNKNOWN |
ubuntu | 22.10 | noarch | isc-dhcp | <Â 4.4.3-2ubuntu4 | UNKNOWN |
ubuntu | 14.04 | noarch | isc-dhcp | <Â 4.2.4-7ubuntu12.13+esm2) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
ubuntu | 16.04 | noarch | isc-dhcp | <Â 4.3.3-5ubuntu12.10+esm2) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
kb.isc.org/docs/cve-2022-2929
launchpad.net/bugs/cve/CVE-2022-2929
lists.isc.org/pipermail/dhcp-announce/2022-October/000437.html
nvd.nist.gov/vuln/detail/CVE-2022-2929
security-tracker.debian.org/tracker/CVE-2022-2929
ubuntu.com/security/notices/USN-5658-1
ubuntu.com/security/notices/USN-5658-2
ubuntu.com/security/notices/USN-5658-3
www.cve.org/CVERecord?id=CVE-2022-2929