FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

kea -- unexpected termination while handling a malformed packet

Affected packages
0.9.2 <= kea < 1.0.0

Details

VuXML ID 59e7eb28-b309-11e5-af83-80ee73b5dcf5
Discovery 2015-12-15
Entry 2016-01-04
Modified 2016-01-05

ISC Support reports:

ISC Kea may terminate unexpectedly (crash) while handling a malformed client packet. Related defects in the kea-dhcp4 and kea-dhcp6 servers can cause the server to crash during option processing if a client sends a malformed packet. An attacker sending a crafted malformed packet can cause an ISC Kea server providing DHCP services to IPv4 or IPv6 clients to exit unexpectedly.

References

CVE Name CVE-2015-8373
URL https://kb.isc.org/article/AA-01318/0/CVE-2015-8373-ISC-Kea%3A-unexpected-termination-while-handling-a-malformed-packet.html