Markus Hietava

**Name of the Vulnerable Software and Affected Versions** dhcp versions 4.1.1 through 4.2.4 dhcp versions prior to 4.1-ESV-R6 dhcp-common version 4.1.1 dhcp-devel version 4.1.1 dhclient version 4.1.1 **Description** The issue involves multiple vulnerabilities in the dhcp package, which can lead to a disruption of protected information availability. These vulnerabilities can be exploited remotely, potentially causing a denial of service due to an infinite loop and CPU consumption via a malformed client identifier. **Recommendations** For dhcp versions 4.1.1 through 4.2.4, update to a version later than 4.2.4 p2 to resolve the issue. For dhcp versions prior to 4.1-ESV-R6, update to 4.1-ESV-R6 or later to resolve the issue. For dhcp-common, dhcp-devel, and dhclient version 4.1.1, update to a version later than 4.1.1 to resolve the issue. As a temporary workaround, consider restricting access to the dhcp service to minimize the risk of exploitation.