Allele Security Alert
ASA-2019-00578
Identifier(s)
ASA-2019-00578, CVE-2019-6472
Title
A packet containing a malformed DUID can cause the kea-dhcp6 server to terminate
Vendor(s)
Internet Systems Consortium (ISC)
Product(s)
ISC Kea DHCP
Affected version(s)
ISC Kea DHCP version 1.6.0-beta1
ISC Kea DHCP version 1.6.0-beta2
ISC Kea DHCP version 1.5.0
ISC Kea DHCP version 1.4.0
Fixed version(s)
ISC Kea DHCP version 1.6.0
ISC Kea DHCP version 1.5.0-P1
ISC Kea DHCP version 1.4.0-P2
Proof of concept
Unknown
Description
A packet containing a malformed DUID can cause the Kea DHCPv6 server process (kea-dhcp6) to exit due to an assertion failure.
Technical details
Unknown
Credits
Unknown
Reference(s)
CVE-2019-6472: A packet containing a malformed DUID can cause the kea-dhcp6 server to terminate
https://kb.isc.org/docs/cve-2019-6472
CVE-2019-6472
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6472
CVE-2019-6472
https://nvd.nist.gov/vuln/detail/CVE-2019-6472
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: October 21, 2019