Vulnerability Description
There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Isc | Dhcpd | < 4.4.1 |
| Redhat | Enterprise Linux | 8.0 |
| Redhat | Enterprise Linux Desktop | 7.0 |
| Redhat | Enterprise Linux Eus | 8.1 |
| Redhat | Enterprise Linux For Arm 64 | 8.0 |
| Redhat | Enterprise Linux For Arm 64 Eus | 8.1_aarch64 |
| Redhat | Enterprise Linux For Ibm Z Systems | 7.0 |
| Redhat | Enterprise Linux For Ibm Z Systems Eus | 8.1_s390x |
| Redhat | Enterprise Linux For Power Big Endian | 7.0 |
| Redhat | Enterprise Linux For Power Little Endian | 7.0 |
| Redhat | Enterprise Linux For Power Little Endian Eus | 8.1_ppc64le |
| Redhat | Enterprise Linux For Scientific Computing | 7.0 |
| Redhat | Enterprise Linux Server | 7.0 |
| Redhat | Enterprise Linux Server Aus | 8.2 |
| Redhat | Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions | 8.1 |
| Redhat | Enterprise Linux Server Tus | 8.2 |
| Redhat | Enterprise Linux Update Services For Sap Solutions | 8.1 |
| Redhat | Enterprise Linux Workstation | 7.0 |
| Opensuse | Leap | 15.0 |
References
- https://access.redhat.com/errata/RHSA-2019:2060Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:3525Third Party Advisory
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896122ExploitMailing ListThird Party Advisory
- https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00048.htmlMailing ListThird Party Advisory
- https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00049.htmlMailing ListThird Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2060Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:3525Third Party Advisory
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896122ExploitMailing ListThird Party Advisory
- https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00048.htmlMailing ListThird Party Advisory
- https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00049.htmlMailing ListThird Party Advisory
FAQ
What is CVE-2019-6470?
CVE-2019-6470 is a vulnerability with a CVSS score of 6.5 (MEDIUM). There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its ...
How severe is CVE-2019-6470?
CVE-2019-6470 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-6470?
Check the references section above for vendor advisories and patch information. Affected products include: Isc Dhcpd, Redhat Enterprise Linux, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Eus, Redhat Enterprise Linux For Arm 64.