Issued:
2012-08-03
Updated:
2012-08-03

RHSA-2012:1140 - Security Advisory

Synopsis

Moderate: dhcp security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated dhcp packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

Description

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows
individual devices on an IP network to get their own network configuration
information, including an IP address, a subnet mask, and a broadcast
address.

A denial of service flaw was found in the way the dhcpd daemon handled
zero-length client identifiers. A remote attacker could use this flaw to
send a specially-crafted request to dhcpd, possibly causing it to enter an
infinite loop and consume an excessive amount of CPU time. (CVE-2012-3571)

Upstream acknowledges Markus Hietava of the Codenomicon CROSS project as
the original reporter of this issue.

Users of DHCP should upgrade to these updated packages, which contain a
backported patch to correct this issue. After installing this update, all
DHCP servers will be restarted automatically.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 ia64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux for IBM z Systems 5 s390x
  • Red Hat Enterprise Linux for Power, big endian 5 ppc
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 842420 - CVE-2012-3571 dhcp: DoS due to error in handling malformed client identifiers

Red Hat Enterprise Linux Server 5

SRPM
dhcp-3.0.5-31.el5_8.1.src.rpm SHA-256: ec2598dbd44008207a59d872495a4c3c10b61c91afab531fafa90b09d1e0720d
x86_64
dhclient-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: eca8beb1500d0a3100a452f73eb9c9e5bdfbabb6cd1fd00fc83d1e59893346c9
dhcp-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: 58236f613ff18ff0c194cda4d4085b3a42f1ef4ef83783a83730002a504186cc
dhcp-debuginfo-3.0.5-31.el5_8.1.i386.rpm SHA-256: 11df4349866bf1b81b758eacaac0cea1eea5f78fa276c8ae1477a8d455ccbef4
dhcp-debuginfo-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: 70f21bd8e439d9f65ee5d8552be4b3ae77cf1ca5b41e652bdbaf6527c8c3fc5d
dhcp-devel-3.0.5-31.el5_8.1.i386.rpm SHA-256: 6e0230823326696271387d15c857b48448bdecb97af85e2a226483a851bce17e
dhcp-devel-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: ca556de4ccaf8ea2c48d625ae670f51c50508b077b0714180ff0e868b1376a8d
libdhcp4client-3.0.5-31.el5_8.1.i386.rpm SHA-256: 7030c0687300fb792d93b4b5cbe232d5d79b0abc7f5113fe332b3d232da937e3
libdhcp4client-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: 4ac9502fe11987b423e7e03d96b594d9310268ff779dd76a864281f5da14e629
libdhcp4client-devel-3.0.5-31.el5_8.1.i386.rpm SHA-256: 7a6fc552f4499a1826b4b93efc9fcdd7471102bacaa176c4d8a81dd52a380d3e
libdhcp4client-devel-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: 5039740c1e2f24af75cf554e456ffdc263f1c6ada33dc79f9379db50a90fb24d
ia64
dhclient-3.0.5-31.el5_8.1.ia64.rpm SHA-256: de0245266980f09a078982ec2a0514721e9d841c77c7252241752cfe75dcb203
dhcp-3.0.5-31.el5_8.1.ia64.rpm SHA-256: a2d4cc3326b0867a87877685199e3770fa1c17f395958603017f25fd4f6ae6d8
dhcp-debuginfo-3.0.5-31.el5_8.1.ia64.rpm SHA-256: 5783441774ef04306eb4b1043e90358ac04c85d8b078d7b0651ff4bf1fda98f0
dhcp-devel-3.0.5-31.el5_8.1.ia64.rpm SHA-256: baba1b84ced7a56797970791b412f3e8bfaba781fbcf97193a08bd82e6133187
libdhcp4client-3.0.5-31.el5_8.1.ia64.rpm SHA-256: 4f6ad2f71aa50b1349d661c5859e49f2593ea64b002d120b2ffb91c5d41c4c8b
libdhcp4client-devel-3.0.5-31.el5_8.1.ia64.rpm SHA-256: 82640d26fe14050893922e6e591a8d05cb15becc554e26423ad747d2dc41eb86
i386
dhclient-3.0.5-31.el5_8.1.i386.rpm SHA-256: 31d1f2af6df3279b62a8df30c2a30bfff2c4349b2f6b74b29be777f1102bb6e8
dhcp-3.0.5-31.el5_8.1.i386.rpm SHA-256: 2e989cfcebac3b73ff7d9443495caf7534d1084feaa3dabf86062d9ab2980df4
dhcp-debuginfo-3.0.5-31.el5_8.1.i386.rpm SHA-256: 11df4349866bf1b81b758eacaac0cea1eea5f78fa276c8ae1477a8d455ccbef4
dhcp-devel-3.0.5-31.el5_8.1.i386.rpm SHA-256: 6e0230823326696271387d15c857b48448bdecb97af85e2a226483a851bce17e
libdhcp4client-3.0.5-31.el5_8.1.i386.rpm SHA-256: 7030c0687300fb792d93b4b5cbe232d5d79b0abc7f5113fe332b3d232da937e3
libdhcp4client-devel-3.0.5-31.el5_8.1.i386.rpm SHA-256: 7a6fc552f4499a1826b4b93efc9fcdd7471102bacaa176c4d8a81dd52a380d3e

Red Hat Enterprise Linux Workstation 5

SRPM
dhcp-3.0.5-31.el5_8.1.src.rpm SHA-256: ec2598dbd44008207a59d872495a4c3c10b61c91afab531fafa90b09d1e0720d
x86_64
dhclient-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: eca8beb1500d0a3100a452f73eb9c9e5bdfbabb6cd1fd00fc83d1e59893346c9
dhcp-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: 58236f613ff18ff0c194cda4d4085b3a42f1ef4ef83783a83730002a504186cc
dhcp-debuginfo-3.0.5-31.el5_8.1.i386.rpm SHA-256: 11df4349866bf1b81b758eacaac0cea1eea5f78fa276c8ae1477a8d455ccbef4
dhcp-debuginfo-3.0.5-31.el5_8.1.i386.rpm SHA-256: 11df4349866bf1b81b758eacaac0cea1eea5f78fa276c8ae1477a8d455ccbef4
dhcp-debuginfo-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: 70f21bd8e439d9f65ee5d8552be4b3ae77cf1ca5b41e652bdbaf6527c8c3fc5d
dhcp-debuginfo-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: 70f21bd8e439d9f65ee5d8552be4b3ae77cf1ca5b41e652bdbaf6527c8c3fc5d
dhcp-devel-3.0.5-31.el5_8.1.i386.rpm SHA-256: 6e0230823326696271387d15c857b48448bdecb97af85e2a226483a851bce17e
dhcp-devel-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: ca556de4ccaf8ea2c48d625ae670f51c50508b077b0714180ff0e868b1376a8d
libdhcp4client-3.0.5-31.el5_8.1.i386.rpm SHA-256: 7030c0687300fb792d93b4b5cbe232d5d79b0abc7f5113fe332b3d232da937e3
libdhcp4client-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: 4ac9502fe11987b423e7e03d96b594d9310268ff779dd76a864281f5da14e629
libdhcp4client-devel-3.0.5-31.el5_8.1.i386.rpm SHA-256: 7a6fc552f4499a1826b4b93efc9fcdd7471102bacaa176c4d8a81dd52a380d3e
libdhcp4client-devel-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: 5039740c1e2f24af75cf554e456ffdc263f1c6ada33dc79f9379db50a90fb24d
i386
dhclient-3.0.5-31.el5_8.1.i386.rpm SHA-256: 31d1f2af6df3279b62a8df30c2a30bfff2c4349b2f6b74b29be777f1102bb6e8
dhcp-3.0.5-31.el5_8.1.i386.rpm SHA-256: 2e989cfcebac3b73ff7d9443495caf7534d1084feaa3dabf86062d9ab2980df4
dhcp-debuginfo-3.0.5-31.el5_8.1.i386.rpm SHA-256: 11df4349866bf1b81b758eacaac0cea1eea5f78fa276c8ae1477a8d455ccbef4
dhcp-debuginfo-3.0.5-31.el5_8.1.i386.rpm SHA-256: 11df4349866bf1b81b758eacaac0cea1eea5f78fa276c8ae1477a8d455ccbef4
dhcp-devel-3.0.5-31.el5_8.1.i386.rpm SHA-256: 6e0230823326696271387d15c857b48448bdecb97af85e2a226483a851bce17e
libdhcp4client-3.0.5-31.el5_8.1.i386.rpm SHA-256: 7030c0687300fb792d93b4b5cbe232d5d79b0abc7f5113fe332b3d232da937e3
libdhcp4client-devel-3.0.5-31.el5_8.1.i386.rpm SHA-256: 7a6fc552f4499a1826b4b93efc9fcdd7471102bacaa176c4d8a81dd52a380d3e

Red Hat Enterprise Linux Desktop 5

SRPM
dhcp-3.0.5-31.el5_8.1.src.rpm SHA-256: ec2598dbd44008207a59d872495a4c3c10b61c91afab531fafa90b09d1e0720d
x86_64
dhclient-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: eca8beb1500d0a3100a452f73eb9c9e5bdfbabb6cd1fd00fc83d1e59893346c9
dhcp-debuginfo-3.0.5-31.el5_8.1.i386.rpm SHA-256: 11df4349866bf1b81b758eacaac0cea1eea5f78fa276c8ae1477a8d455ccbef4
dhcp-debuginfo-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: 70f21bd8e439d9f65ee5d8552be4b3ae77cf1ca5b41e652bdbaf6527c8c3fc5d
libdhcp4client-3.0.5-31.el5_8.1.i386.rpm SHA-256: 7030c0687300fb792d93b4b5cbe232d5d79b0abc7f5113fe332b3d232da937e3
libdhcp4client-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: 4ac9502fe11987b423e7e03d96b594d9310268ff779dd76a864281f5da14e629
i386
dhclient-3.0.5-31.el5_8.1.i386.rpm SHA-256: 31d1f2af6df3279b62a8df30c2a30bfff2c4349b2f6b74b29be777f1102bb6e8
dhcp-debuginfo-3.0.5-31.el5_8.1.i386.rpm SHA-256: 11df4349866bf1b81b758eacaac0cea1eea5f78fa276c8ae1477a8d455ccbef4
libdhcp4client-3.0.5-31.el5_8.1.i386.rpm SHA-256: 7030c0687300fb792d93b4b5cbe232d5d79b0abc7f5113fe332b3d232da937e3

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
dhcp-3.0.5-31.el5_8.1.src.rpm SHA-256: ec2598dbd44008207a59d872495a4c3c10b61c91afab531fafa90b09d1e0720d
s390x
dhclient-3.0.5-31.el5_8.1.s390x.rpm SHA-256: e6472b006cb4f989ddef6a9c82704c7514b65dc1980ff540aa1a2d4521de0878
dhcp-3.0.5-31.el5_8.1.s390x.rpm SHA-256: 06e25667909ece648da22b0d889c776d83fa33af169499c947572009208fb97b
dhcp-debuginfo-3.0.5-31.el5_8.1.s390.rpm SHA-256: 61f1c7cd0316a54d7b50e9048329f85b9e42e498a0a68322a1e73e31f8b4b2cb
dhcp-debuginfo-3.0.5-31.el5_8.1.s390x.rpm SHA-256: 0312a68998cf1f468a6577faba19a91581decba8c89f88cc5015274e92eb94cf
dhcp-devel-3.0.5-31.el5_8.1.s390.rpm SHA-256: 5d71cc60674e6cbbd954f5cbf66bad98ca176d31461f4e74ac89558e3b4e573e
dhcp-devel-3.0.5-31.el5_8.1.s390x.rpm SHA-256: c0cddcadbce51aacdb86d605b171ec43afdf6a50c9bea1ab52740771317523ff
libdhcp4client-3.0.5-31.el5_8.1.s390.rpm SHA-256: 285f02e6568502792dfec6b97962f60ea0b90605d3e60d4f8feb34bf4db2e37d
libdhcp4client-3.0.5-31.el5_8.1.s390x.rpm SHA-256: 049408b0c6adf205ad2b3174cf1f4c6e828b3e72986c53fde89972fc9ddcd3e9
libdhcp4client-devel-3.0.5-31.el5_8.1.s390.rpm SHA-256: 0a971376a2ced29b74919913126d772b1925b8d810addfb81b96e3475a76b4de
libdhcp4client-devel-3.0.5-31.el5_8.1.s390x.rpm SHA-256: d27b1b50a83c3afb1ff510c7d07cb87cbb59b5970df674e6bac38e41f2a3afe6

Red Hat Enterprise Linux for Power, big endian 5

SRPM
dhcp-3.0.5-31.el5_8.1.src.rpm SHA-256: ec2598dbd44008207a59d872495a4c3c10b61c91afab531fafa90b09d1e0720d
ppc
dhclient-3.0.5-31.el5_8.1.ppc.rpm SHA-256: 0c7e3d0802fbacee84e37c56198fc049f82756df5a8e4c76f5afcf5bdcb176cc
dhcp-3.0.5-31.el5_8.1.ppc.rpm SHA-256: 7f73767fd272bd129aadd8be03428757edcb0359042fc605dc4e919c53689354
dhcp-debuginfo-3.0.5-31.el5_8.1.ppc.rpm SHA-256: fd7be3fbd749c61767fcc6211fc5cc12a50f1be9dc1daa7c44d40affcf86f492
dhcp-debuginfo-3.0.5-31.el5_8.1.ppc64.rpm SHA-256: 370a10d95d0b2627f1139c747b7570230e766c76fe00d4e62031905089396757
dhcp-devel-3.0.5-31.el5_8.1.ppc.rpm SHA-256: 6e32d11e5fe1981eec979dce96663add680f998fc2e6dfa69389e5361354ae9d
dhcp-devel-3.0.5-31.el5_8.1.ppc64.rpm SHA-256: 4b213dcffbb6c0e1cc0bbff44b92760f45e718338266eaa2a6e07e6df31744e9
libdhcp4client-3.0.5-31.el5_8.1.ppc.rpm SHA-256: dc9bb51f64ca0650d6bdee41c74b3cbd4ff4e5aef65395f9e7b72b117eec8898
libdhcp4client-3.0.5-31.el5_8.1.ppc64.rpm SHA-256: b780ca6ad30c3b9c421b61cc09245f9bd717051c7c2cf13fc390ac0ceb965f11
libdhcp4client-devel-3.0.5-31.el5_8.1.ppc.rpm SHA-256: c3f7a765600098099981aa7715bf80305e233ca943f89df0a308061ceedfbcba
libdhcp4client-devel-3.0.5-31.el5_8.1.ppc64.rpm SHA-256: 748918489edeea76626359dc7e783edd0132cc46d2674ad964eb00868164be54

Red Hat Enterprise Linux Server from RHUI 5

SRPM
dhcp-3.0.5-31.el5_8.1.src.rpm SHA-256: ec2598dbd44008207a59d872495a4c3c10b61c91afab531fafa90b09d1e0720d
x86_64
dhclient-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: eca8beb1500d0a3100a452f73eb9c9e5bdfbabb6cd1fd00fc83d1e59893346c9
dhcp-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: 58236f613ff18ff0c194cda4d4085b3a42f1ef4ef83783a83730002a504186cc
dhcp-debuginfo-3.0.5-31.el5_8.1.i386.rpm SHA-256: 11df4349866bf1b81b758eacaac0cea1eea5f78fa276c8ae1477a8d455ccbef4
dhcp-debuginfo-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: 70f21bd8e439d9f65ee5d8552be4b3ae77cf1ca5b41e652bdbaf6527c8c3fc5d
dhcp-devel-3.0.5-31.el5_8.1.i386.rpm SHA-256: 6e0230823326696271387d15c857b48448bdecb97af85e2a226483a851bce17e
dhcp-devel-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: ca556de4ccaf8ea2c48d625ae670f51c50508b077b0714180ff0e868b1376a8d
libdhcp4client-3.0.5-31.el5_8.1.i386.rpm SHA-256: 7030c0687300fb792d93b4b5cbe232d5d79b0abc7f5113fe332b3d232da937e3
libdhcp4client-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: 4ac9502fe11987b423e7e03d96b594d9310268ff779dd76a864281f5da14e629
libdhcp4client-devel-3.0.5-31.el5_8.1.i386.rpm SHA-256: 7a6fc552f4499a1826b4b93efc9fcdd7471102bacaa176c4d8a81dd52a380d3e
libdhcp4client-devel-3.0.5-31.el5_8.1.x86_64.rpm SHA-256: 5039740c1e2f24af75cf554e456ffdc263f1c6ada33dc79f9379db50a90fb24d
i386
dhclient-3.0.5-31.el5_8.1.i386.rpm SHA-256: 31d1f2af6df3279b62a8df30c2a30bfff2c4349b2f6b74b29be777f1102bb6e8
dhcp-3.0.5-31.el5_8.1.i386.rpm SHA-256: 2e989cfcebac3b73ff7d9443495caf7534d1084feaa3dabf86062d9ab2980df4
dhcp-debuginfo-3.0.5-31.el5_8.1.i386.rpm SHA-256: 11df4349866bf1b81b758eacaac0cea1eea5f78fa276c8ae1477a8d455ccbef4
dhcp-devel-3.0.5-31.el5_8.1.i386.rpm SHA-256: 6e0230823326696271387d15c857b48448bdecb97af85e2a226483a851bce17e
libdhcp4client-3.0.5-31.el5_8.1.i386.rpm SHA-256: 7030c0687300fb792d93b4b5cbe232d5d79b0abc7f5113fe332b3d232da937e3
libdhcp4client-devel-3.0.5-31.el5_8.1.i386.rpm SHA-256: 7a6fc552f4499a1826b4b93efc9fcdd7471102bacaa176c4d8a81dd52a380d3e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.