isc dhcp 空指针解引用

admin

0
文章

0
评论

2023-11-30 05:43:14 Ali_nvd 来源：ZONE.CI 全球网 0 阅读模式

中危 isc dhcp 空指针解引用

CVE编号

CVE-2022-2928

利用情况

暂无

补丁情况

官方补丁

披露时间

2022-10-07

漏洞描述

In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
https://kb.isc.org/docs/cve-2022-2928
https://lists.debian.org/debian-lts-announce/2022/10/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://security.gentoo.org/glsa/202305-22

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	isc	dhcp	*	From (including) 4.4.0	Up to (including) 4.4.3
	运行在以下环境
	应用	isc	dhcp	4.1-esv	-
	运行在以下环境
	系统	alpine_3.13	dhcp	*		Up to (excluding) 4.4.3_p1-r0
	运行在以下环境
	系统	alpine_3.14	dhcp	*		Up to (excluding) 4.4.3_p1-r0
	运行在以下环境
	系统	alpine_3.15	dhcp	*		Up to (excluding) 4.4.3_p1-r0
	运行在以下环境
	系统	alpine_3.16	dhcp	*		Up to (excluding) 4.4.3_p1-r0
	运行在以下环境
	系统	alpine_3.17	dhcp	*		Up to (excluding) 4.4.3_p1-r0
	运行在以下环境
	系统	alpine_3.18	dhcp	*		Up to (excluding) 4.4.3_p1-r0
	运行在以下环境
	系统	alpine_edge	dhcp	*		Up to (excluding) 4.4.3_p1-r0
	运行在以下环境
	系统	amazon_2	dhcp	*		Up to (excluding) 4.2.5-79.amzn2.1.2
	运行在以下环境
	系统	anolis_os_8	dhcp	*		Up to (excluding) 4.3.6-49.0.1
	运行在以下环境
	系统	centos_8	dhcp-debugsource	*		Up to (excluding) 4.3.6-49.el8
	运行在以下环境
	系统	debian_10	isc-dhcp	*		Up to (excluding) 4.4.1-2+deb10u2
	运行在以下环境
	系统	debian_11	isc-dhcp	*		Up to (excluding) 4.4.1-2.3+deb11u1
	运行在以下环境
	系统	debian_12	isc-dhcp	*		Up to (excluding) 4.4.3-2.1
	运行在以下环境
	系统	debian_sid	isc-dhcp	*		Up to (excluding) 4.4.3-2.1
	运行在以下环境
	系统	fedora_35	dhcp	*		Up to (excluding) 4.4.3-4.P1.fc35
	运行在以下环境
	系统	fedora_36	dhcp	*		Up to (excluding) 4.4.3-4.P1.fc36
	运行在以下环境
	系统	fedora_37	dhcp	*		Up to (excluding) 4.4.3-4.P1.fc37
	运行在以下环境
	系统	fedora_38	dhcp	*		Up to (excluding) 4.4.3-4.P1.fc38
	运行在以下环境
	系统	kylinos_aarch64_V10	dhcp	*		Up to (excluding) 4.4.2-9.ky10
	运行在以下环境
	系统	kylinos_aarch64_V10SP1	dhcp	*		Up to (excluding) 4.4.2-9.ky10
	运行在以下环境
	系统	kylinos_aarch64_V10SP2	dhcp	*		Up to (excluding) 4.4.2-9.ky10
	运行在以下环境
	系统	kylinos_aarch64_V10SP3	dhcp	*		Up to (excluding) 4.4.2-9.ky10
	运行在以下环境
	系统	kylinos_loongarch64_V10SP1	dhcp	*		Up to (excluding) 4.4.2-9.a.ky10
	运行在以下环境
	系统	kylinos_loongarch64_V10SP3	dhcp	*		Up to (excluding) 4.4.2-9.a.ky10
	运行在以下环境
	系统	kylinos_x86_64_V10	dhcp	*		Up to (excluding) 4.4.2-9.ky10
	运行在以下环境
	系统	kylinos_x86_64_V10SP1	dhcp	*		Up to (excluding) 4.4.2-9.ky10
	运行在以下环境
	系统	kylinos_x86_64_V10SP2	dhcp	*		Up to (excluding) 4.4.2-9.ky10
	运行在以下环境
	系统	opensuse_Leap_15.3	dhcp	*		Up to (excluding) 4.3.6.P1-150000.6.17.1
	运行在以下环境
	系统	opensuse_Leap_15.4	dhcp	*		Up to (excluding) 4.3.6.P1-150000.6.17.1
	运行在以下环境
系统	oracle_8	oraclelinux-release	*		Up to (excluding) 4.3.6-49.el8
运行在以下环境
系统	oracle_9	oraclelinux-release	*		Up to (excluding) 4.4.2-18.b1.el9
运行在以下环境
系统	redhat_8	dhcp-debugsource	*		Up to (excluding) 4.3.6-49.el8
运行在以下环境
系统	redhat_9	dhcp-debugsource	*		Up to (excluding) 4.4.2-18.b1.el9
运行在以下环境
系统	suse_12_SP5	dhcp	*		Up to (excluding) 4.3.3-10.28.1
运行在以下环境
系统	ubuntu_18.04	isc-dhcp	*		Up to (excluding) 4.3.5-3ubuntu7.4
运行在以下环境
系统	ubuntu_20.04	isc-dhcp	*		Up to (excluding) 4.4.1-2.1ubuntu5.20.04.4
运行在以下环境
系统	ubuntu_22.04	isc-dhcp	*		Up to (excluding) 4.4.1-2.3ubuntu2.3
运行在以下环境
系统	ubuntu_22.10	isc-dhcp	*		Up to (excluding) 4.4.3-2ubuntu4
运行在以下环境
系统	unionos_d	isc-dhcp	*		Up to (excluding) 4.4.1.2-deepin1
运行在以下环境
系统	unionos_e	dhcp	*		Up to (excluding) dhcp-4.4.2-9.uel20