June 3, 2021 - TuxCare PR Team
Are you running DHCP on your network? There is a good chance that you are. Make sure you’re protected against the exploit in CVE-2021-25217.
DHCP is a critical network component, and a vulnerability in it was publicly reported on the 26th of May that offers malicious actors a possible remote exploitation opportunity.
According to the report, the flaw is present in versions 4.1-ESV-R1 up to 4.1-ESV-R16 and 4.4.0 up to 4.4.2. Earlier versions in the 4.0.x and 4.3.x series are also affected but are out of official vendor support.
TuxCare’s Extended Lifecycle Support Team prepared and started delivering patches for this vulnerability for all Linux distributions covered by the service. Patches were made available the same day that the vulnerability was publicly disclosed.
Both the dhcp server, called dhcpd, and the dhcp client, called dhclient, are vulnerable.
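A quick way to triage a fleet is to compare the version reported by each `dhcpd` and `dhclient` binary against the affected ranges listed above. The checker below is an added example written for this post, not ISC's or TuxCare's code. It assumes the usual ISC version strings (`isc-dhcpd-4.4.1`, `4.1-ESV-R16-P1`) and that an ISC `-Pn` security re-release sorts after its base version, so `4.4.2-P1` and `4.1-ESV-R16-P1` fall outside the affected ranges; the sample strings in the `__main__` block are constructed, and the `--version` calls are only attempted if the binaries are installed.

```python
import re
import shutil
import subprocess

# Affected ranges as stated in the post (ISC DHCP version scheme).
ESV_AFFECTED = ((1, 0), (16, 0))            # 4.1-ESV-R1 .. 4.1-ESV-R16, as (Rn, Pn)
RELEASE_AFFECTED = ((4, 4, 0, 0), (4, 4, 2, 0))  # 4.4.0 .. 4.4.2, as (maj, min, patch, Pn)
UNSUPPORTED_BRANCHES = {(4, 0), (4, 3)}      # whole series affected, no vendor fix

# Matches "4.4.1", "4.4.2-P1", "4.1-ESV-R16", "4.1-ESV-R16-P1", also when
# embedded in a longer string such as "isc-dhclient-4.4.1".
VERSION_RE = re.compile(
    r"(?P<major>\d+)\.(?P<minor>\d+)"
    r"(?:-ESV-R(?P<esv>\d+)|\.(?P<patch>\d+))"
    r"(?:-P(?P<p>\d+))?"
)


def parse_version(text):
    """Extract an ISC DHCP version from a string; None if none is present."""
    m = VERSION_RE.search(text)
    if not m:
        return None
    return {
        "major": int(m["major"]),
        "minor": int(m["minor"]),
        "esv": int(m["esv"]) if m["esv"] else None,
        "patch": int(m["patch"]) if m["patch"] else None,
        "p": int(m["p"]) if m["p"] else 0,   # -Pn re-release, 0 if absent
    }


def is_affected(version_string):
    """True if the version falls inside a range the advisory lists as affected.

    Assumption: a -Pn re-release sorts after its base version, so the P
    number is the last element of every comparison key.
    """
    v = parse_version(version_string)
    if v is None:
        raise ValueError(f"no ISC DHCP version found in {version_string!r}")
    branch = (v["major"], v["minor"])
    if branch in UNSUPPORTED_BRANCHES:
        return True
    if branch == (4, 1) and v["esv"] is not None:
        lo, hi = ESV_AFFECTED
        return lo <= (v["esv"], v["p"]) <= hi
    if v["esv"] is None and v["patch"] is not None:
        lo, hi = RELEASE_AFFECTED
        return lo <= (v["major"], v["minor"], v["patch"], v["p"]) <= hi
    return False


def installed_versions(binaries=("dhcpd", "dhclient")):
    """Ask each installed binary for its version; skips binaries not on PATH.
    Both components are vulnerable, so both are checked."""
    found = {}
    for name in binaries:
        path = shutil.which(name)
        if path is None:
            continue
        proc = subprocess.run([path, "--version"], capture_output=True, text=True)
        found[name] = (proc.stdout + proc.stderr).strip()
    return found


if __name__ == "__main__":
    # Constructed sample strings in the format the binaries print.
    samples = ["isc-dhcpd-4.4.1", "isc-dhclient-4.1-ESV-R16",
               "isc-dhcpd-4.4.2-P1", "isc-dhclient-4.3.6"]
    for s in samples:
        print(f"{s:28s} affected={is_affected(s)}")
    for name, out in installed_versions().items():
        print(f"{name}: {out} affected={is_affected(out)}")
```

Treat a "not affected" result from the version string alone with care: distribution packages (and live patches) often backport the fix without changing the version the binary prints, so confirm against your vendor's errata before closing the finding.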
The code used to read and parse stored leases (a lease being an IP/MAC address pair that DHCP has assigned) contains a flaw. Depending on how it is triggered, exploiting it can cause a Denial-of-Service of the server, the deletion of a lease, which could lead to an IP being reassigned and create an address conflict in the network, or a crash of the DHCP client.
Which result occurs depends on the component being attacked (the server or the client), on the flags used when compiling the DHCP code (in particular -fstack-protector-strong), and on the architecture (32 bit or 64 bit).
There are some nuances to the possible outcomes, but none of them improves the situation to a point where this flaw could be ignored. It is advisable to patch or upgrade as soon as possible to reduce the risk. More details can be found on the ISC advisory page for the vulnerability.
No publicly available exploit code is currently known, but a proof-of-concept has been used privately to test and validate the fixes.