isc dhcp 内存缓冲区边界内操作的限制不恰当

admin

0
文章

0
评论

2023-12-01 14:29:45 Ali_nvd 来源：ZONE.CI 全球网 0 阅读模式

中危 isc dhcp 内存缓冲区边界内操作的限制不恰当

CVE编号

CVE-2021-25217

利用情况

暂无

补丁情况

没有补丁

披露时间

2021-05-27

漏洞描述

In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
http://www.openwall.com/lists/oss-security/2021/05/26/6
https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf
https://kb.isc.org/docs/cve-2021-25217
https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://security.gentoo.org/glsa/202305-22
https://security.netapp.com/advisory/ntap-20220325-0011/

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	isc	dhcp	*	From (including) 4.4.0	Up to (including) 4.4.2
	运行在以下环境
	应用	isc	dhcp	4.1-esv	-
	运行在以下环境
	系统	alibaba_cloud_linux_2.1903	dhclient	*		Up to (excluding) 4.2.5-83.1.al7.1
	运行在以下环境
	系统	alpine_3.12	dhcp	*		Up to (excluding) 4.4.2_p1-r0
	运行在以下环境
	系统	alpine_3.13	dhcp	*		Up to (excluding) 4.4.2_p1-r0
	运行在以下环境
	系统	alpine_3.14	dhcp	*		Up to (excluding) 4.4.2_p1-r0
	运行在以下环境
	系统	alpine_3.15	dhcp	*		Up to (excluding) 4.4.2_p1-r0
	运行在以下环境
	系统	alpine_3.16	dhcp	*		Up to (excluding) 4.4.2_p1-r0
	运行在以下环境
	系统	alpine_3.17	dhcp	*		Up to (excluding) 4.4.2_p1-r0
	运行在以下环境
	系统	alpine_3.18	dhcp	*		Up to (excluding) 4.4.2_p1-r0
	运行在以下环境
	系统	alpine_edge	dhcp	*		Up to (excluding) 4.4.2_p1-r0
	运行在以下环境
	系统	amazon_2	dhcp	*		Up to (excluding) 4.2.5-77.amzn2.1.3
	运行在以下环境
	系统	amazon_AMI	dhcp	*		Up to (excluding) 4.1.1-53.P1.29.amzn1
	运行在以下环境
	系统	anolis_os_8	dhcp-client	*		Up to (excluding) 4.3.6-44.0.1
	运行在以下环境
	系统	anolis_os_8.2	dhcp-relay	*		Up to (excluding) 4.3.6-40.0.1
	运行在以下环境
	系统	centos_7	dhclient	*		Up to (excluding) 4.2.5-83.el7.centos.1
	运行在以下环境
	系统	centos_8	dhcp-server	*		Up to (excluding) 4.3.6-44.el8_4.1
	运行在以下环境
	系统	debian_10	isc-dhcp	*		Up to (excluding) 4.4.1-2+deb10u1
	运行在以下环境
	系统	debian_11	isc-dhcp	*		Up to (excluding) 4.4.1-2.3
	运行在以下环境
	系统	debian_12	isc-dhcp	*		Up to (excluding) 4.4.1-2.3
	运行在以下环境
	系统	debian_9	isc-dhcp	*		Up to (excluding) 4.3.5-3+deb9u2
	运行在以下环境
	系统	debian_sid	isc-dhcp	*		Up to (excluding) 4.4.1-2.3
	运行在以下环境
	系统	fedora_33	dhcp-libs-static	*		Up to (excluding) 4.4.2-9.b1.fc33
	运行在以下环境
	系统	fedora_34	dhcp-libs-static	*		Up to (excluding) 4.4.2-11.b1.fc34
	运行在以下环境
	系统	kylinos_aarch64_V10	dhcp	*		Up to (excluding) 4.2.5-83.el7_9.1
	运行在以下环境
	系统	kylinos_aarch64_V10SP2	dhcp	*		Up to (excluding) 4.4.2-5.ky10
	运行在以下环境
	系统	kylinos_x86_64_V10	dhcp	*		Up to (excluding) 4.2.5-83.el7_9.1
	运行在以下环境
	系统	kylinos_x86_64_V10SP2	dhcp	*		Up to (excluding) 4.4.2-5.ky10
	运行在以下环境
	系统	opensuse_Leap_15.2	dhcp-devel	*		Up to (excluding) 4.3.6.P1-lp152.8.6.1
	运行在以下环境
	系统	opensuse_Leap_15.3	dhcp-devel	*		Up to (excluding) 4.3.6.P1-6.11.1
	运行在以下环境
	系统	oracle_6	oraclelinux-release	*		Up to (excluding) 4.1.1-63.P1.0.2.el6_10
	运行在以下环境
系统	oracle_7	oraclelinux-release	*		Up to (excluding) 4.2.5-83.0.1.el7_9.1
运行在以下环境
系统	oracle_8	oraclelinux-release	*		Up to (excluding) 4.3.6-44.el8_4.1
运行在以下环境
系统	redhat_6	dhclient	*		Up to (excluding) 12:4.1.1-64.P1.el6_10
运行在以下环境
系统	redhat_7	dhclient	*		Up to (excluding) 4.2.5-83.el7_9.1
运行在以下环境
系统	redhat_8	dhcp-server	*		Up to (excluding) 4.3.6-44.el8_4.1
运行在以下环境
系统	suse_12_SP5	dhcp	*		Up to (excluding) 4.3.3-10.22.1
运行在以下环境
系统	ubuntu_18.04	isc-dhcp	*		Up to (excluding) 4.3.5-3ubuntu7.3
运行在以下环境
系统	ubuntu_18.04.5_lts	isc-dhcp	*		Up to (excluding) 4.3.5-3ubuntu7.3
运行在以下环境
系统	ubuntu_20.04	isc-dhcp	*		Up to (excluding) 4.4.1-2.1ubuntu5.20.04.2
运行在以下环境
系统	ubuntu_21.04	isc-dhcp	*		Up to (excluding) 4.4.1-2.2ubuntu6.1
运行在以下环境
系统	ubuntu_21.10	isc-dhcp	*		Up to (excluding) 4.4.1-2.2ubuntu7
运行在以下环境
系统	ubuntu_22.04	isc-dhcp	*		Up to (excluding) 4.4.1-2.2ubuntu7