Glen Eustace

**Name of the Vulnerable Software and Affected Versions** ISC DHCP versions 4.1.x through 4.1-ESV-R6 ISC DHCP versions 4.2.x through 4.2.4-P1 **Description** The issue allows remote attackers to cause a denial of service, potentially disrupting the availability of protected information. This can be achieved by establishing an IPv6 lease in an environment where the lease expiration time is later reduced, leading to opportunistic circumstances that may cause the daemon to crash. **Recommendations** For ISC DHCP versions 4.1.x through 4.1-ESV-R6, update to version 4.1-ESV-R7 or later. For ISC DHCP versions 4.2.x through 4.2.4-P1, update to version 4.2.4-P2 or later.

**Name of the Vulnerable Software and Affected Versions** dhcp versions 4.1.1 through 4.2.3 dhcp versions prior to 4.2.4-P1 dhcp versions prior to 4.1-ESV-R6 **Description** The issue involves multiple vulnerabilities in the dhcp package that can lead to a denial of service due to memory consumption. These vulnerabilities can be exploited remotely by sending many requests, causing disruption to the availability of protected information. **Recommendations** For versions 4.1.1, update to version 4.1-ESV-R6 or later. For versions 4.2.x prior to 4.2.4-P1, update to version 4.2.4-P1 or later. As a temporary workaround, consider restricting access to the dhcp service to minimize the risk of exploitation.