CVE-2018-5739
Published: 16 January 2019
An extension to hooks capabilities which debuted in Kea 1.4.0 introduced a memory leak for operators who are using certain hooks library facilities. In order to support multiple requests simultaneously, Kea 1.4 added a callout handle store but unfortunately the initial implementation of this store does not properly free memory in every case. Hooks which make use of query4 or query6 parameters in their callouts can leak memory, resulting in the eventual exhaustion of available memory and subsequent failure of the server process. Affects Kea DHCP 1.4.0.
Notes
Author | Note |
---|---|
mdeslaur | introduced in 1.4.0, fixed in 1.4.0-P1 |
Priority
Status
Package | Release | Status |
---|---|---|
isc-kea Launchpad, Ubuntu, Debian |
impish |
Ignored
(end of life)
|
artful |
Ignored
(end of life)
|
|
bionic |
Not vulnerable
(code not present)
|
|
cosmic |
Ignored
(end of life)
|
|
disco |
Ignored
(end of life)
|
|
eoan |
Ignored
(end of life)
|
|
focal |
Not vulnerable
|
|
groovy |
Ignored
(end of life)
|
|
hirsute |
Ignored
(end of life)
|
|
jammy |
Not vulnerable
|
|
kinetic |
Not vulnerable
|
|
lunar |
Not vulnerable
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(debian: Vulnerable code introduced in Kea 1.4.0)
|
|
xenial |
Not vulnerable
(code not present)
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.5 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | None |
Integrity impact | None |
Availability impact | High |
Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |