Issued:: 2021-06-14
Updated:: 2021-06-14

RHSA-2021:2418 - Security Advisory

Overview
Updated Packages

Synopsis

Important: dhcp security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for dhcp is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.

Security Fix(es):

dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 7.2 x86_64

Fixes

BZ - 1963258 - CVE-2021-25217 dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient

CVEs

CVE-2021-25217

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 7.2

SRPM
dhcp-4.2.5-42.el7_2.2.src.rpm	SHA-256: d0bcc66dd8f95a47d9582fc033563a34f2d98d7faf74e9c8b851b137ddb399c2
x86_64
dhclient-4.2.5-42.el7_2.2.x86_64.rpm	SHA-256: dbabc5e0f2b587db721bee3b12453f0dea9697b778edc91026bb9d0b16c8c0f2
dhcp-4.2.5-42.el7_2.2.x86_64.rpm	SHA-256: 20a6b500791b98110346965b667e5c904d14130797e33c9cdbda59ae625b4f60
dhcp-common-4.2.5-42.el7_2.2.x86_64.rpm	SHA-256: 33941b5b4b84cb6601f083de9e22bc3840b0ceb62ac2b16894cca1146828e008
dhcp-debuginfo-4.2.5-42.el7_2.2.i686.rpm	SHA-256: 02d832b06535fc7b910185248bdce51f5ace993d3db25a6a1c8b4489fc079267
dhcp-debuginfo-4.2.5-42.el7_2.2.i686.rpm	SHA-256: 02d832b06535fc7b910185248bdce51f5ace993d3db25a6a1c8b4489fc079267
dhcp-debuginfo-4.2.5-42.el7_2.2.x86_64.rpm	SHA-256: 8100f6dc0d00f4928b5aa69d992e37fd0b9cc72f1435feec7dc7886d2aeb9a91
dhcp-debuginfo-4.2.5-42.el7_2.2.x86_64.rpm	SHA-256: 8100f6dc0d00f4928b5aa69d992e37fd0b9cc72f1435feec7dc7886d2aeb9a91
dhcp-devel-4.2.5-42.el7_2.2.i686.rpm	SHA-256: 86d8f36e4ff79925c666bdc84be172929f4e215c900d6da7464e495b6254b6eb
dhcp-devel-4.2.5-42.el7_2.2.x86_64.rpm	SHA-256: d445b92f5bda3aa439e55a3b5abfa02bc39ce1bcbf8e7a5cd27b3ff95f5b2f1e
dhcp-libs-4.2.5-42.el7_2.2.i686.rpm	SHA-256: 36c5b09b58027e2bc0bf5e338c7cbb1518ce0d32c8a39d057e0cdcfd6cec13f7
dhcp-libs-4.2.5-42.el7_2.2.x86_64.rpm	SHA-256: 1b8218ebde97b3a951eb5c3c21639371cb2225f9a791db3f823a956461b61103

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation