ALAS-2018-984 ---- dhcpID: oval:org.secpod.oval:def:1600868 | Date: (C)2018-04-06 (M)2022-08-29 |
Class: PATCH | Family: unix |
Buffer overflow in dhclient possibly allowing code execution triggered by malicious serverAn out-of-bound memory access flaw was found in the way dhclient processed a DHCP response packet. A malicious DHCP server could potentially use this flaw to crash dhclient processes running on DHCP client machines via a crafted DHCP response packet. Reference count overflow in dhcpd allows denial of serviceA denial of service flaw was found in the way dhcpd handled reference counting when processing client requests. A malicious DHCP client could use this flaw to trigger a reference count overflow on the server side, potentially causing dhcpd to crash, by sending large amounts of traffic
Platform: |
Amazon Linux AMI |