PT-2019-18105 · Isc · Kea Dhcpv6 Server

Published

2019-08-28

Updated

2019-12-05

CVE-2019-6472

CVSS v3.1

6.5

Medium

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Kea DHCPv6 server versions 1.4.0 through 1.5.0 Kea DHCPv6 server versions 1.6.0-beta1 Kea DHCPv6 server versions 1.6.0-beta2

Description A malformed DUID in a packet can cause the Kea DHCPv6 server process to exit due to an assertion failure.

Recommendations For versions 1.4.0 through 1.5.0, update to a version that fixes the assertion failure issue. For version 1.6.0-beta1, update to a version that fixes the assertion failure issue. For version 1.6.0-beta2, update to a version that fixes the assertion failure issue.

Fix

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-617

Related Identifiers

CVE-2019-6472

Affected Products

Kea Dhcpv6 Server

PT-2019-18105 · Isc · Kea Dhcpv6 Server

CVE-2019-6472

Weakness Enumeration

Related Identifiers

Affected Products

References · 10