A DHCP vulnerability (CVE-2021-25217) has been announced, rated 8.8 (CVSS v3 base score) by Red Hat. Due to a discrepancy between the code that handles encapsulated option information in transmitted leases and the code that reads lease information after it has been written to disk, an attacker could deliberately trigger a stack-based buffer overflow. Fixed DHCP packages for both CentOS 7 and 8 (version 4.2.5 fixes the issue) have been available since June 14th. Sites using this service are encouraged to upgrade as soon as possible.