TTCSIRT-142.071218: TT-CSIRT Advisory – DHCP Security Updates

TTCSIRT-142.071218: TT-CSIRT Advisory – DHCP Security Updates

The Internet Systems Consortium (ISC) has released a security update stating that Kea DHCP 1.4.0 may fail to release memory after temporarily storing client network packets. This causes a constant increase in memory consumption that can cause server resources to become exhausted, leading to loss of DHCP server functionality.

An attacker who is within the broadcast domain of the Kea server or in a network which is permitted to relay DHCP traffic to the Kea server can hasten the arrival of this outcome by deliberately sending a large volume of requests to the Kea server.

Further information on this vulnerability and how it can be mitigated can be found on the ISC Website at https://kb.isc.org/article/AA-01626