[Debian] [Medium] CVE: CVE-2022-2929: isc-dhcp : server to run out of memory

Bug #2043434 reported by Yue Tao
Affects: StarlingX | Status: Fix Released | Importance: High | Assigned to: Zhixiong Chi | Milestone: (none)

Bug Description

CVE-2022-2929: https://nvd.nist.gov/vuln/detail/CVE-2022-2929

In ISC DHCP 1.0 through 4.4.3 and ISC DHCP 4.1-ESV-R1 through 4.1-ESV-R16-P1, a system with access to a DHCP server that sends DHCP packets crafted to include FQDN labels longer than 63 bytes could eventually cause the server to run out of memory.

Score:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:
https://security-tracker.debian.org/tracker/CVE-2022-2929
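As an added defensive example, not code from this report or from ISC DHCP (the option 81 flag layout and the 63-octet label / 255-octet name limits are taken from RFC 4702 and RFC 1035), a strict validator for the DHCP Client FQDN option that rejects the over-length labels the description mentions before a server has to process them:

```python
# Added example, not code from the Launchpad report or from ISC DHCP: a strict
# validator for the name carried in the DHCP Client FQDN option (option 81,
# RFC 4702), enforcing the RFC 1035 limits of 1..63 octets per label and 255
# per name, i.e. rejecting the "FQDN labels longer than 63 bytes" condition.

MAX_LABEL_LEN = 63
MAX_NAME_LEN = 255
FLAG_E = 0x04  # option 81 flags byte: 0 0 0 0 N E O S; E=1 is DNS wire format


def parse_wire_name(data: bytes) -> list[bytes]:
    """Split a DNS wire-format name into labels, enforcing the length limits."""
    if len(data) > MAX_NAME_LEN:
        raise ValueError(f"name is {len(data)} octets, limit {MAX_NAME_LEN}")
    labels, pos = [], 0
    # Ends at the zero terminator, or at end of data (RFC 4702 partial name).
    while pos < len(data):
        length, pos = data[pos], pos + 1
        if length == 0:
            if pos != len(data):
                raise ValueError("data after terminating label")
            break
        if length > MAX_LABEL_LEN:
            # 0x40..0xBF are reserved, 0xC0..0xFF are compression pointers: none belong here
            raise ValueError(f"label at offset {pos - 1} is {length} octets")
        if pos + length > len(data):
            raise ValueError("label runs past the end of the option")
        labels.append(data[pos:pos + length])
        pos += length
    return labels


def parse_ascii_name(data: bytes) -> list[bytes]:
    """Same limits for the deprecated E=0 encoding (dot-separated ASCII)."""
    labels = data.rstrip(b".").split(b".") if data else []
    if len(data) > MAX_NAME_LEN or any(not 1 <= len(lab) <= MAX_LABEL_LEN for lab in labels):
        raise ValueError("ASCII name violates the label or name length limit")
    return labels


def option81_is_safe(option_data: bytes) -> bool:
    """True if an option 81 body (flags, rcode1, rcode2, name) is within limits."""
    if len(option_data) < 3:
        return False
    flags, name = option_data[0], option_data[3:]
    try:
        (parse_wire_name if flags & FLAG_E else parse_ascii_name)(name)
    except ValueError:
        return False
    return True
```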

Changed in starlingx:
assignee: nobody → Zhixiong Chi (zhixiongchi)
summary: - [Debian] CVE: [Medium] CVE-2022-2929: isc-dhcp : server to run out of memory
         + [Debian] [Medium] CVE: CVE-2022-2929: isc-dhcp : server to run out of memory
Changed in starlingx:
status: Triaged → In Progress
OpenStack Infra (hudson-openstack) wrote : Fix proposed to integ (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/integ/+/900850

OpenStack Infra (hudson-openstack) wrote : Fix merged to integ (master)

Reviewed: https://review.opendev.org/c/starlingx/integ/+/900850
Committed: https://opendev.org/starlingx/integ/commit/dcb205850c8e1abf3e7eba72191d34b3941596c9
Submitter: "Zuul (22348)"
Branch: master

commit dcb205850c8e1abf3e7eba72191d34b3941596c9
Author: Zhixiong Chi <email address hidden>
Date: Mon Nov 13 18:15:57 2023 -0800

    isc-dhcp: fix CVE-2022-2929

    Backport the source patch from the version 4.4.1-2.3+deb11u2.
    [https://sources.debian.org/src/isc-dhcp/4.4.1-2.3+deb11u2/debian/patches/CVE-2022-2929.patch]

    Refer to:
    https://security-tracker.debian.org/tracker/DSA-5251-1
    It refers to two issues, CVE-2022-2928 and CVE-2022-2929.
    CVE-2022-2928 has been fixed in
    [https://review.opendev.org/c/starlingx/integ/+/865278]

    Pass: build-pkgs -c -p isc-dhcp
    Pass: build-pkgs -a
    Pass: build-image
    Pass: Debian AIO jenkins installation

    Issue is very difficult to reproduce, so we are simply focused on
    making sure that this doesn't break anything.

    Closes-Bug: 2043434

    Signed-off-by: Zhixiong Chi <email address hidden>
    Change-Id: Ie9148ea007526160b34c57df5f98d776c04dbe3a

Changed in starlingx:
status: In Progress → Fix Released