PT-2017-15685 · Isc+5 · Isc Dhcp+5

Published

2017-12-21

Updated

2024-06-15

CVE-2017-3144

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions ISC DHCP versions 4.1.0 through 4.1-ESV-R15 ISC DHCP versions 4.2.0 through 4.2.8 ISC DHCP versions 4.3.0 through 4.3.6

Description A vulnerability exists due to the failure to properly clean up closed OMAPI connections, which can lead to exhaustion of the pool of socket descriptors available to the DHCP server.

Recommendations For versions 4.1.0 through 4.1-ESV-R15, update to a version outside of this range to resolve the issue. For versions 4.2.0 through 4.2.8, update to a version outside of this range to resolve the issue. For versions 4.3.0 through 4.3.6, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting the use of OMAPI connections to minimize the risk of socket descriptor exhaustion.

Fix

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

ALT-PU-2018-1300

CESA-2018_0158

CVE-2017-3144

DSA-4133-1

MGASA-2017-0458

OPENSUSE-SU-2024:10715-1

RHSA-2018:0158

RHSA-2018_0158

SUSE-SU-2018:0444-1

SUSE-SU-2018:0532-1

SUSE-SU-2018_0444-1

SUSE-SU-2018_0532-1

USN-3586-1

Affected Products

Alt Linux

Centos

Isc Dhcp

Red Hat

Suse

Ubuntu

PT-2017-15685 · Isc+5 · Isc Dhcp+5

CVE-2017-3144

Weakness Enumeration

Related Identifiers

Affected Products

References · 61