**ISC DHCP · CVE-2021-25217**
**Name of the Vulnerable Software and Affected Versions**
ISC DHCP versions 4.1-ESV-R1 through 4.1-ESV-R16
ISC DHCP versions 4.4.0 through 4.4.2
**Description**
A buffer overflow can be triggered when ISC DHCP reads a lease, resulting in a denial of service. The outcome of encountering the defect varies according to the component affected (`dhclient` or `dhcpd`), whether the package was built as a 32-bit or 64-bit binary, and whether the compiler flag `-fstack-protector-strong` was used when compiling. In `dhclient`, reading an improper lease can cause a crash on a 32-bit system, leading to network connectivity problems. In `dhcpd`, when run in DHCPv4 or DHCPv6 mode, the server may exit or improperly delete leases.
**Recommendations**
For ISC DHCP versions 4.1-ESV-R1 through 4.1-ESV-R16, consider updating to a newer version to mitigate the risk.
For ISC DHCP versions 4.4.0 through 4.4.2, consider updating to a newer version to mitigate the risk.
As a temporary workaround, consider restricting access to the lease database to minimize the risk of exploitation.
Avoid using the `dhcpd` server binary built for a 32-bit architecture with the `-fstack-protector-strong` compiler flag until a patch is available.
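As an added check (example code written for this page, not ISC's own tooling), the script below tells you whether a given ISC DHCP version falls inside the two affected ranges listed above. It understands ISC's two version schemes, the 4.1 extended-support branch (`4.1-ESV-R16`, optionally with a `-P1` patch suffix) and the regular branch (`4.4.2`, optionally `-P1`), and rejects anything else rather than guessing. The `isc-dhcpd-<version>` banner shape that `check_binary` parses is what `dhcpd --version` and `dhclient --version` print; the sample banners in the `__main__` block are constructed.

```python
"""Check an ISC DHCP version string against the CVE-2021-25217 affected ranges.

Added example, not ISC's code. Only the two ranges the advisory lists are
flagged; versions outside them are reported as not affected.
"""
import re
import subprocess

# Affected ranges as stated in the advisory (inclusive on both ends).
AFFECTED_RANGES = [
    ("4.1-ESV-R1", "4.1-ESV-R16"),
    ("4.4.0", "4.4.2"),
]

# 4.1 extended-support scheme: 4.1-ESV, 4.1-ESV-R16, 4.1-ESV-R16-P1
_ESV_RE = re.compile(r"^(\d+)\.(\d+)-ESV(?:-R(\d+))?(?:-P(\d+))?$")
# Regular scheme: 4.4.2, 4.4.2-P1
_STD_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-P(\d+))?$")
# Banner printed by the ISC binaries for --version (assumed shape):
# isc-dhcpd-4.4.2, isc-dhclient-4.4.2-P1, isc-dhcrelay-4.4.2
_BANNER_RE = re.compile(r"isc-dhc(?:pd|lient|relay)-(\S+)")


def parse_version(text):
    """Return a comparable tuple: (branch, major, minor, release, patch).

    branch is "esv" or "std". A missing -R or -P suffix counts as 0, so
    "4.1-ESV" sorts before "4.1-ESV-R1" and "4.4.2" before "4.4.2-P1".
    """
    s = text.strip()
    m = _ESV_RE.match(s)
    if m:
        major, minor, rel, patch = m.groups()
        return ("esv", int(major), int(minor), int(rel or 0), int(patch or 0))
    m = _STD_RE.match(s)
    if m:
        major, minor, rel, patch = m.groups()
        return ("std", int(major), int(minor), int(rel), int(patch or 0))
    raise ValueError(f"unrecognised ISC DHCP version string: {text!r}")


def is_affected(version):
    """True if the version lies inside one of the published affected ranges."""
    v = parse_version(version)
    for low, high in AFFECTED_RANGES:
        lo, hi = parse_version(low), parse_version(high)
        # Compare only within the same branch: an ESV release is never
        # "between" two regular releases, whatever the numbers say.
        if v[0] == lo[0] and lo <= v <= hi:
            return True
    return False


def version_from_banner(banner):
    """Extract the version from a dhcpd/dhclient --version banner, or None."""
    m = _BANNER_RE.search(banner)
    return m.group(1) if m else None


def check_binary(path):
    """Run PATH --version and return (version, affected).

    Assumes PATH is an ISC DHCP binary; the banner may land on stdout or
    stderr depending on build, so both are scanned.
    """
    proc = subprocess.run([path, "--version"], capture_output=True,
                          text=True, check=False)
    version = version_from_banner(proc.stdout + proc.stderr)
    if version is None:
        raise RuntimeError(f"{path} did not print an ISC DHCP version banner")
    return version, is_affected(version)


if __name__ == "__main__":
    # Constructed sample banners in the shape the ISC binaries print.
    for banner in ("isc-dhcpd-4.4.2", "isc-dhcpd-4.4.2-P1",
                   "isc-dhclient-4.1-ESV-R15-P1"):
        v = version_from_banner(banner)
        state = "AFFECTED" if is_affected(v) else "not affected"
        print(f"{banner}: {state}")
```

To check a live host, call `check_binary("/usr/sbin/dhcpd")` (or the `dhclient` path); the fixed releases ISC shipped carry a `-P1` suffix, which the parser deliberately orders after the bare `4.4.2` / `4.1-ESV-R16` upper bounds so they are reported as not affected.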