What is CVE-2018-5733?

CVE-2018-5733 is a medium-severity vulnerability in Isc Dhcp. CVSS score: 5.9/10. Published 2019-01-16.

How severe is CVE-2018-5733?

Medium severity. CVSS v3 base score is 5.9 out of 10.

Vulnerability in Isc Dhcp

CVE-2018-5733

A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15…

EPSS: 0.202 (97.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.9 (Medium). Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Isc Dhcp — versions ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0

References

kb.isc.org/docs/aa-01567 (x_refsource_CONFIRM)
RHSA-2018:0469 (vendor-advisory, x_refsource_REDHAT)
DSA-4133 (vendor-advisory, x_refsource_DEBIAN)
USN-3586-2 (vendor-advisory, x_refsource_UBUNTU)
RHSA-2018:0483 (vendor-advisory, x_refsource_REDHAT)
USN-3586-1 (vendor-advisory, x_refsource_UBUNTU)
103188 (vdb-entry, x_refsource_BID)
1040437 (vdb-entry, x_refsource_SECTRACK)
[debian-lts-announce] 20180322 [SECURITY] [DLA 1313-1] isc-dhcp security update (mailing-list, x_refsource_MLIST)

Frequently asked questions

What is CVE-2018-5733?: CVE-2018-5733 is a medium-severity vulnerability in Isc Dhcp. CVSS score: 5.9/10. Published 2019-01-16.
How severe is CVE-2018-5733?: Medium severity. CVSS v3 base score is 5.9 out of 10.