{"id":"MGASA-2017-0458","summary":"Updated dhcp packages fix security vulnerability","details":"It was found that the DHCP daemon does not free socket descriptors when\nhandling empty OMAPI messages. An adjacent network attacker could\npotentially use this flaw to send crafted OMAPI messages to the DHCP\ndaemon, thereby leading to denial of service due to exhaustion of file\ndescriptors in the DHCP daemon process.\n","modified":"2026-01-30T13:42:38.756620Z","published":"2017-12-21T17:43:29Z","related":["CVE-2017-3144"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0458.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=22204"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UJCMW5N3YHQ7WCRPR2QZBKJZBVJUZ6LG/"},{"type":"REPORT","url":"https://kb.isc.org/article/AA-01541"}],"affected":[{"package":{"name":"dhcp","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/dhcp?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.3.3P1-1.1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0458.json"}},{"package":{"name":"dhcp","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/dhcp?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.3.5-1.1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0458.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}