CVE-2019-6473

Summary

An invalid hostname option can trigger an assertion failure in the Kea DHCPv4 server process (kea-dhcp4), causing the server process to exit. Versions affected: 1.4.0 to 1.5.0, 1.6.0-beta1, and 1.6.0-beta2.

Affected Software

VendorProductVersion RangeStatus
ISCKea1.4.0 to 1.5.0affected
ISCKea1.6.0-beta1affected
ISCKea1.6.0-beta2affected

Weaknesses

  • An attacker who is able to deliberately exploit this vulnerability can cause the kea-dhcp4 server to stop executing, resulting in denial of service to clients. Only the DHCPv4 service is affected by this vulnerability.

ADP Enrichment

CVE Program Container

Additional References

References