Issued:: 2021-06-14
Updated:: 2021-06-14

RHSA-2021:2415 - Security Advisory

Overview
Updated Packages

Synopsis

Important: dhcp security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for dhcp is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.

Security Fix(es):

dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 7.3 x86_64

Fixes

BZ - 1963258 - CVE-2021-25217 dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient

CVEs

CVE-2021-25217

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 7.3

SRPM
dhcp-4.2.5-47.el7_3.2.src.rpm	SHA-256: f57ca4c557f639dc18f14285a9e9fe86e68ddc35f21b6bd9e2442159cd786109
x86_64
dhclient-4.2.5-47.el7_3.2.x86_64.rpm	SHA-256: e2683a5e22f54edad84b719c95e95e1e47d9f4c098be62a3c2e2773d2560ced9
dhcp-4.2.5-47.el7_3.2.x86_64.rpm	SHA-256: 307d393d71d429f36435a86c289a7574c00491ed4822b04d83e3191413e41118
dhcp-common-4.2.5-47.el7_3.2.x86_64.rpm	SHA-256: 98ac3e8f1c7ebe670199f49b89c17a855f948d3993e9791e3610875db4e93abd
dhcp-debuginfo-4.2.5-47.el7_3.2.i686.rpm	SHA-256: ac5640182ede61b015d98bcc90e5c5c3e82e99b3fdee52ee8af95a453d9fb28b
dhcp-debuginfo-4.2.5-47.el7_3.2.i686.rpm	SHA-256: ac5640182ede61b015d98bcc90e5c5c3e82e99b3fdee52ee8af95a453d9fb28b
dhcp-debuginfo-4.2.5-47.el7_3.2.x86_64.rpm	SHA-256: 7909ba72d991fa9a8cc649f593e89a706b995a4de9d411168ae2cfd1399639d8
dhcp-debuginfo-4.2.5-47.el7_3.2.x86_64.rpm	SHA-256: 7909ba72d991fa9a8cc649f593e89a706b995a4de9d411168ae2cfd1399639d8
dhcp-devel-4.2.5-47.el7_3.2.i686.rpm	SHA-256: 8ad86c6fa4ab5156ef61a2b3bbef738053dfe386e95652d04eec6a9e6cd1f6e3
dhcp-devel-4.2.5-47.el7_3.2.x86_64.rpm	SHA-256: 1de734369e2ee770f4a3c7e4b47081ccc095934180ff9ad6f65705de168f63b1
dhcp-libs-4.2.5-47.el7_3.2.i686.rpm	SHA-256: 71ed893756489bbe00a636adab8d3ea19c2b78ff0c9414e885bbab947e671ecc
dhcp-libs-4.2.5-47.el7_3.2.x86_64.rpm	SHA-256: c9c33ab5577992a2661e8d5a1bde14011ee5182cad293a8630db66d93b7910e6

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation