CVE-2019-6470

There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
iscCNA
6.5 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
VendorProductVersion
iscdhcpd
𝑥
< 4.4.1
redhatenterprise_linux
8.0
redhatenterprise_linux_desktop
7.0
redhatenterprise_linux_eus
8.1
redhatenterprise_linux_eus
8.2
redhatenterprise_linux_eus
8.4
redhatenterprise_linux_eus
8.6
redhatenterprise_linux_eus
8.8
redhatenterprise_linux_for_arm_64
8.0
redhatenterprise_linux_for_arm_64_eus
8.1_aarch64:_aarch64
redhatenterprise_linux_for_arm_64_eus
8.2_aarch64:_aarch64
redhatenterprise_linux_for_arm_64_eus
8.4_aarch64:_aarch64
redhatenterprise_linux_for_arm_64_eus
8.6_aarch64:_aarch64
redhatenterprise_linux_for_arm_64_eus
8.8_aarch64:_aarch64
redhatenterprise_linux_for_ibm_z_systems
7.0
redhatenterprise_linux_for_ibm_z_systems
8.0
redhatenterprise_linux_for_ibm_z_systems_eus
8.1_s390x:_s390x
redhatenterprise_linux_for_ibm_z_systems_eus
8.2_s390x:_s390x
redhatenterprise_linux_for_ibm_z_systems_eus
8.4_s390x:_s390x
redhatenterprise_linux_for_ibm_z_systems_eus
8.6_s390x:_s390x
redhatenterprise_linux_for_ibm_z_systems_eus
8.8_s390x:_s390x
redhatenterprise_linux_for_power_big_endian
7.0
redhatenterprise_linux_for_power_little_endian
7.0
redhatenterprise_linux_for_power_little_endian
8.0
redhatenterprise_linux_for_power_little_endian_eus
8.1_ppc64le:_ppc64le
redhatenterprise_linux_for_power_little_endian_eus
8.2_ppc64le:_ppc64le
redhatenterprise_linux_for_power_little_endian_eus
8.4_ppc64le:_ppc64le
redhatenterprise_linux_for_power_little_endian_eus
8.6_ppc64le:_ppc64le
redhatenterprise_linux_for_power_little_endian_eus
8.8_ppc64le:_ppc64le
redhatenterprise_linux_for_scientific_computing
7.0
redhatenterprise_linux_server
7.0
redhatenterprise_linux_server_aus
8.2
redhatenterprise_linux_server_aus
8.4
redhatenterprise_linux_server_aus
8.6
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
8.1
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
8.2
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
8.4
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
8.6
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
8.8
redhatenterprise_linux_server_tus
8.2
redhatenterprise_linux_server_tus
8.4
redhatenterprise_linux_server_tus
8.6
redhatenterprise_linux_server_tus
8.8
redhatenterprise_linux_update_services_for_sap_solutions
8.1
redhatenterprise_linux_update_services_for_sap_solutions
8.2
redhatenterprise_linux_update_services_for_sap_solutions
8.4
redhatenterprise_linux_update_services_for_sap_solutions
8.6
redhatenterprise_linux_update_services_for_sap_solutions
8.8
redhatenterprise_linux_workstation
7.0
opensuseleap
15.0
opensuseleap
15.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
isc-dhcp
bullseye
4.4.1-2.3+deb11u2
fixed
stretch
ignored
jessie
ignored
bullseye (security)
4.4.1-2.3+deb11u1
fixed
bookworm
4.4.3-P1-2
fixed
sid
4.4.3-P1-5
fixed
trixie
4.4.3-P1-5
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
isc-dhcp
disco
not-affected
cosmic
Fixed 4.3.5-3ubuntu9.1
released
bionic
Fixed 4.3.5-3ubuntu7.1
released
xenial
not-affected
trusty
not-affected
References
https://access.redhat.com/errata/RHSA-2019:2060
https://access.redhat.com/errata/RHSA-2019:3525
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896122
https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00048.html
https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00049.html
https://access.redhat.com/errata/RHSA-2019:2060
https://access.redhat.com/errata/RHSA-2019:3525
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896122
https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00048.html
https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00049.html