CVE-2018-5733
A malicious client can overflow a reference counter in ISC dhcpd
In short
A malicious DHCP client can send billions of packets to a DHCP server to overflow an internal counter, potentially crashing the server. This requires the attacker to send massive amounts of traffic over an extended period.
Technical detail
A 32-bit reference counter in ISC dhcpd can be overflowed by a malicious client with network access to the DHCP server, requiring transmission of billions of crafted packets. The overflow can lead to denial of service through server crash. Affected versions: 4.1.0–4.1-ESV-R15, 4.2.0–4.2.8, 4.3.0–4.3.6, 4.4.0.
Summary generated and translated by AI from the official description.
A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0.
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected products
ISC · ISC DHCP
References
https://access.redhat.com/errata/RHSA-2018:0469
https://access.redhat.com/errata/RHSA-2018:0483
https://kb.isc.org/docs/aa-01567
https://lists.debian.org/debian-lts-announce/2018/03/msg00015.html
https://security.netapp.com/advisory/ntap-20250425-0010/
https://usn.ubuntu.com/3586-1/
https://usn.ubuntu.com/3586-2/
https://www.debian.org/security/2018/dsa-4133
http://www.securityfocus.com/bid/103188
http://www.securitytracker.com/id/1040437