|
|
Subscribe / Log in / New account

Ubuntu alert USN-7759-1 (isc-kea)



From:
              noreply+usn-bot@canonical.com


To:
              ubuntu-security-announce@lists.ubuntu.com


Subject:
              [USN-7759-1] Kea DHCP vulnerabilities


Date:
              Tue, 23 Sep 2025 22:25:51 +0000


Message-ID:
              <E1v1BSJ-0004dg-0X@lists.ubuntu.com>


==========================================================================
Ubuntu Security Notice USN-7759-1
September 21, 2025

isc-kea vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Kea DHCP could be made to crash if it received specially crafted network
traffic.

Software Description:
- isc-kea: Standards-based DHCP server

Details:

It was discovered that Kea DHCP did not correctly handle invalid hostnames.
A remote attacker could possibly use this issue to cause a denial of
service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS
  kea-admin                       1.1.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  kea-common                      1.1.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  kea-dhcp-ddns-server            1.1.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  kea-dhcp4-server                1.1.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  kea-dhcp6-server                1.1.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  kea-admin                       1.0.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  kea-common                      1.0.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  kea-dhcp-ddns-server            1.0.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  kea-dhcp4-server                1.0.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  kea-dhcp6-server                1.0.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

After a standard system update you may need to restart Kea DHCP server
instances to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7759-1
  CVE-2019-6473




Attachment: signature.asc (type=application/pgp-signature)

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmjSQ7UACgkQcpJm3tlz
hgFeaQ//dr9yeGr+ac8WhBW1HlCsstv2uRO+OjzFAg/T6pIbkOo4Y7I/LspZKrQ7
NOJhJXsIGowU/8Szx8eVaDYZSYB2zpeM7hdkJW7shAwn1P/rwU6D1l8mbE0uxEHL
hZem/gdNY6ZqX9lcEJyYpNJ8jz0i3pgH8OunZt4OuUogCvBu0KOBUcxmLPsrSKaP
dM7i73bEH1gI1b9OECXVd43YMFm65rm7v7PZrNhmUsBxXcDAWEPVj2a8oitkCi0C
7xhZ4MGZOJhOZrF6+nlkQnMkzQuJuBMEWaTa4pVScWHZhLAJnHE13cCSqu6M2AzC
rOjQKejiwPQSlZgnevXGHGNuK6YSfniBSwOCscU3IJIHye5nKNQL6Ldi4O5SECJ4
p3OkLwx8M78MUkqWipjdSYExRcfSOZUMHFgtWnpPl2gBPc9rxkJD/Ut2IbspgNRF
I0Fhny9QUGg+p/NGkOudAm9BKtKNXo9tQN9xD+VXox/uVpTKbv0dbxHwrUlZSopU
+Ap8mkt2ayYCXMUyTWldeRW3FFac42lmGjjdOEA5wfOUmVrbONqb2Bn+9TUuak22
rQdrwKBRQ5rwzgyBJcbBXLkit6FShNVyk6XC0hQFF5e8aiee3wpmLKrpHW/JEwXS
5OqnH1gDTuQaWU+J4t+XvubKeg/S47gxvSB1p/sRVfpgGw1ztak=
=++XP
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds