Updated: 2024-11-30 02:29:16.822867
Description:
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | LOW | 2.9 |
CVSS Version 3.x | MEDIUM | 6.1 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
---|---|---|---|---|---|---|---|---|
CentOS 8.4 ELS | systemd | 239 | 6.1 | MEDIUM | Not Vulnerable | 2022-04-28 15:57:41 | ||
CentOS 8.5 ELS | systemd | 239 | 6.1 | MEDIUM | Not Vulnerable | 2022-04-28 15:57:41 | ||
Ubuntu 16.04 ELS | systemd | 229-4 | 6.1 | MEDIUM | Released | CLSA-2021:1635459240 | 2022-04-28 15:57:41 |