PT-2019-10991 · ISC · Kea DHCP

Published: 2019-01-16 · Updated: 2019-10-09 · CVE-2018-5739

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Kea DHCP version 1.4.0
Description: A memory leak affects operators using certain hooks library facilities, specifically hooks that use the query4 or query6 parameters in their callouts. The leak results from memory not being freed properly in the callout handle store, which was introduced to support multiple simultaneous requests. The leak exhausts available memory and the server process subsequently fails.
Recommendations: For Kea DHCP version 1.4.0, consider disabling hooks that use the query4 or query6 parameters in their callouts as a temporary workaround to prevent the memory leak. Restrict access to these hooks to minimize the risk of exploitation until a proper fix is available.

Fix

Weakness Enumeration

Missing Release of Resource after Effective Lifetime

Related Identifiers

CVE-2018-5739

Affected Products

Kea DHCP