6.5

CVE-2022-2928

EPSS 0.03%
Published 07.10.2022 05:15:08
Last modified 21.11.2024 07:01:56
Source security-officer@isc.org
Teams watchlist Login
Open Login

In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.

Affected products Warnungen 0 Metrics 3 CWE 1 References 9

Data is provided by the National Vulnerability Database (NVD)

Isc ≫ Dhcp Version >= 4.4.0 <= 4.4.3

Isc ≫ Dhcp Version4.1-esv Updater1

Isc ≫ Dhcp Version4.1-esv Updater10

Isc ≫ Dhcp Version4.1-esv Updater10_b1

Isc ≫ Dhcp Version4.1-esv Updater10_rc1

Isc ≫ Dhcp Version4.1-esv Updater10b1

Isc ≫ Dhcp Version4.1-esv Updater10rc1

Isc ≫ Dhcp Version4.1-esv Updater11

Isc ≫ Dhcp Version4.1-esv Updater11_b1

Isc ≫ Dhcp Version4.1-esv Updater11_rc1

Isc ≫ Dhcp Version4.1-esv Updater11_rc2

Isc ≫ Dhcp Version4.1-esv Updater11b1

Isc ≫ Dhcp Version4.1-esv Updater11rc1

Isc ≫ Dhcp Version4.1-esv Updater11rc2

Isc ≫ Dhcp Version4.1-esv Updater12

Isc ≫ Dhcp Version4.1-esv Updater12-p1

Isc ≫ Dhcp Version4.1-esv Updater12_b1

Isc ≫ Dhcp Version4.1-esv Updater12_p1

Isc ≫ Dhcp Version4.1-esv Updater12b1

Isc ≫ Dhcp Version4.1-esv Updater13

Isc ≫ Dhcp Version4.1-esv Updater13_b1

Isc ≫ Dhcp Version4.1-esv Updater13b1

Isc ≫ Dhcp Version4.1-esv Updater14

Isc ≫ Dhcp Version4.1-esv Updater14_b1

Isc ≫ Dhcp Version4.1-esv Updater14b1

Isc ≫ Dhcp Version4.1-esv Updater15

Isc ≫ Dhcp Version4.1-esv Updater15-p1

Isc ≫ Dhcp Version4.1-esv Updater15_b1

Isc ≫ Dhcp Version4.1-esv Updater16

Isc ≫ Dhcp Version4.1-esv Updater16-p1

Debian ≫ Debian Linux Version10.0

Fedoraproject ≫ Fedora Version35

Fedoraproject ≫ Fedora Version36

Fedoraproject ≫ Fedora Version37

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.089

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
security-officer@isc.org	6.5	2.8	3.6	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://security.gentoo.org/glsa/202305-22

https://kb.isc.org/docs/cve-2022-2928

Vendor Advisory

https://lists.debian.org/debian-lts-announce/2022/10/msg00015.html

Third Party Advisory

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SARIK7KZ7MGQIWDRWZFAOSQSPXY4GOU/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQXYCIWUDILRCNBAIMVFCSGXBRKEPB4K/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T6IBFH4MRRNJQVWEKILQ6I6CXWW766FX/

https://nvd.nist.gov/vuln/detail/CVE-2022-2928

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-2928

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-2928

EUVD