← back
CVE-2017-3144

Failure to properly clean up closed OMAPI connections can exhaust available sockets

CVSS 5.3 MEDIUMEPSS 72.7%
A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected products
ISC · ISC DHCP

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://access.redhat.com/errata/RHSA-2018:0158https://kb.isc.org/docs/aa-01541https://usn.ubuntu.com/3586-1/https://www.debian.org/security/2018/dsa-4133http://www.securityfocus.com/bid/102726http://www.securitytracker.com/id/1040194