Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2021-25217
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:56:11.067Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://kb.isc.org/docs/cve-2021-25217" }, { "name": "[oss-security] 20210526 ISC has disclosed a vulnerability in ISC DHCP (CVE-2021-25217)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/05/26/6" }, { "name": "FEDORA-2021-08cdb4dc34", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LB42JWIV4M4WDNXX5VGIP26FEYWKIF/" }, { "name": "[debian-lts-announce] 20210603 [SECURITY] [DLA 2674-1] isc-dhcp security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html" }, { "name": "FEDORA-2021-8ca8263bde", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5QI4DYC7J4BGHEW3NH4XHMWTHYC36UK4/" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220325-0011/" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf" }, { "name": "GLSA-202305-22", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-22" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "ISC DHCP", "vendor": "ISC", "versions": [ { "lessThan": "4.1-ESV-R16-P1", "status": "affected", "version": "4.1 ESV", "versionType": "custom" }, { "lessThan": "4.4.2-P1", "status": "affected", "version": "4.4", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "ISC would like to thank Jon Franklin from Dell and Pawel Wieczorkiewicz from Amazon Web Services for (independently) reporting this vulnerability." } ], "datePublic": "2021-05-26T00:00:00", "descriptions": [ { "lang": "en", "value": "In ISC DHCP 4.1-ESV-R1 -\u003e 4.1-ESV-R16, ISC DHCP 4.4.0 -\u003e 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted." } ], "exploits": [ { "lang": "en", "value": "We are not aware of any active exploits." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Program code used by the ISC DHCP package to read and parse stored leases has a defect that can be exploited by an attacker to cause one of several undesirable outcomes, depending on the component attacked and the way in which it was compiled. Because of a discrepancy between the code which handles encapsulated option information in leases transmitted \"on the wire\" and the code which reads and parses lease information after it has been written to disk storage, it is potentially possible for an attacker to deliberately cause a situation where: dhcpd, while running in DHCPv4 or DHCPv6 mode, or dhclient, the ISC DHCP client implementation will attempt to read a stored lease that contains option information which will trigger a bug in the option parsing code. Affects ISC DHCP 4.1-ESV-R1 -\u003e 4.1-ESV-R16, ISC DHCP 4.4.0 -\u003e 4.4.2. Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability. Affects both dhcpd (server) and dhcpcd (client).", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "404fd4d2-a609-4245-b543-2c944a302a22", "shortName": "isc" }, "references": [ { "url": "https://kb.isc.org/docs/cve-2021-25217" }, { "name": "[oss-security] 20210526 ISC has disclosed a vulnerability in ISC DHCP (CVE-2021-25217)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/05/26/6" }, { "name": "FEDORA-2021-08cdb4dc34", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LB42JWIV4M4WDNXX5VGIP26FEYWKIF/" }, { "name": "[debian-lts-announce] 20210603 [SECURITY] [DLA 2674-1] isc-dhcp security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html" }, { "name": "FEDORA-2021-8ca8263bde", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5QI4DYC7J4BGHEW3NH4XHMWTHYC36UK4/" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf" }, { "url": "https://security.netapp.com/advisory/ntap-20220325-0011/" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf" }, { "name": "GLSA-202305-22", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-22" } ], "solutions": [ { "lang": "en", "value": "Upgrade to the patched release most closely related to your current version of ISC DHCP:\n\n ISC DHCP 4.1-ESV-R16-P1\n ISC DHCP 4.4.2-P1" } ], "source": { "discovery": "USER" }, "title": "A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient", "workarounds": [ { "lang": "en", "value": "None known." } ], "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22", "assignerShortName": "isc", "cveId": "CVE-2021-25217", "datePublished": "2021-05-26T22:10:11.312869Z", "dateReserved": "2021-01-15T00:00:00", "dateUpdated": "2024-09-16T22:08:32.175Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2021-25217\",\"sourceIdentifier\":\"security-officer@isc.org\",\"published\":\"2021-05-26T22:15:07.947\",\"lastModified\":\"2024-11-21T05:54:34.013\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In ISC DHCP 4.1-ESV-R1 -\u003e 4.1-ESV-R16, ISC DHCP 4.4.0 -\u003e 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted.\"},{\"lang\":\"es\",\"value\":\"En ISC DHCP versiones 4.1-ESV-R1 anteriores a 4.1-ESV-R16, ISC DHCP versiones 4.4.0 anteriores a 4.4.2 (Otras ramas de ISC DHCP (es decir, versiones de la serie 4.0.x o inferiores y versiones de la serie 4.3.x) est\u00e1n m\u00e1s all\u00e1 de su End-of-Life (EOL) y ya no son soportadas por ISC. El resultado de encontrar el fallo mientras se lee un contrato de arrendamiento que lo desencadena var\u00eda, seg\u00fan: el componente afectado (es decir, dhclient o dhcpd) si el paquete se construy\u00f3 como un binario de 32 o 64 bits si fue usado el flag del compilador -fstack-protection-strong al compilar En dhclient, ISC no ha reproducido con \u00e9xito el error en un sistema de 64 bits. Sin embargo, en un sistema de 32 bits es posible causar a dhclient bloquearse cuando leen un contrato de arrendamiento inapropiado, lo que podr\u00eda causar problemas de conectividad de red para un sistema afectado debido a la ausencia de un proceso de cliente DHCP en ejecuci\u00f3n. En dhcpd, cuando se ejecuta en modo DHCPv4 o DHCPv6: si el binario del servidor dhcpd fue construido para una arquitectura de 32 bits Y se especific\u00f3 el flag -fstack-protection-strong al compilador, dhcpd puede salir mientras analiza un archivo de arrendamiento que contiene un arrendamiento objetable, resultando en la falta de servicio a los clientes. Si el binario del servidor dhcpd fue construido para una arquitectura de 64 bits O si la flag -fstack-protection-strong del compilador NO fue especificado, el bloqueo no ocurrir\u00e1, pero es posible que el contrato de arrendamiento ofensivo y el que le sigue sean borrados inapropiadamente\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-officer@isc.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":4.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":4.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":3.3,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.5,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.4.0\",\"versionEndIncluding\":\"4.4.2\",\"matchCriteriaId\":\"106A3E98-3D4B-47F7-80AD-49A47A7B20D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBAABA4E-0D34-4644-AC26-E272CEE6C361\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r10:*:*:*:*:*:*\",\"matchCriteriaId\":\"179443DC-4B6A-408A-8BE5-B3E72188F43E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r10_b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9BE7736-58CD-468B-84AB-B38C9B254BA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r10_rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EB6F7F0-B2A0-47E3-AD7A-4E7618A36F90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r10b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA5FAE54-1645-4A38-A431-10E67304399A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r10rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C0D1A71-CECB-4C86-87F6-EB3741BDF692\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r11:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADF80D19-3B0A-4A74-944E-F33CCC30EADA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r11_b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"40B21FCB-43A8-4266-934D-ECFF8138F637\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"69D49F23-9074-49E7-985F-4D93393324CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F729D1D-7234-4BC2-839B-AE1BB9D16C25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r11b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E01D88D-876D-45FE-B7ED-089DAD801EF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r11rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4B030B1-F008-4562-93C7-7E1C6D3D00F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r11rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF656F5E-B317-4E0C-BF01-EC2A917142DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r12:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBA64EEC-C0C7-4F11-8131-2868691E54DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r12-p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFD3109A-1D76-4EA7-BF39-0B203AD945CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r12_b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"157520D7-AE39-4E23-A8CF-DD75EA78C055\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r12_p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B07118EC-9508-42B8-8D09-5CE310DA2B43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r12b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2156D1BC-90AE-4AF3-964C-DAC7DCE14A5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r13:*:*:*:*:*:*\",\"matchCriteriaId\":\"A157E664-6ACE-44CE-AC07-64898B182EA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r13_b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0056BF7A-4A70-4F1D-89C2-25CCDB65217B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r13b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA8ADA07-94FA-4014-AF70-8FCAF5F0DB03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r14:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D21F05D-246F-41F5-81FD-286C26168E2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r14_b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"12103C87-C942-481A-A68C-7BC83F964C06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r14b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2E0124D-6330-4013-8145-4309FDAE60A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r15:*:*:*:*:*:*\",\"matchCriteriaId\":\"924E91FF-495F-4963-827F-57F7340C6560\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r15-p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BC02748-557A-4131-A372-D99B62B4B93B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r15_b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"76A11284-3D81-45F0-8055-17282945C14F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:dhcp:4.1-esv:r16:*:*:*:*:*:*\",\"matchCriteriaId\":\"98431CF5-D4C2-4FCF-BA81-0BBB631546D2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.15.0\",\"matchCriteriaId\":\"DC90F7B5-81FB-43C5-8658-78589F26A4B2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12BD4008-DB6A-4749-A426-D2DE44819A9D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3.0\",\"versionEndExcluding\":\"2.15.0\",\"matchCriteriaId\":\"14720DF0-EBA3-4173-9472-163EBC688586\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E79B422-C844-411C-AA49-CFD73D3C6E2D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3.0\",\"versionEndExcluding\":\"2.15.0\",\"matchCriteriaId\":\"D09DE9BF-E5F5-40E8-BD31-8090A7A6FACA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53AAEC5C-06EE-4C58-A981-EBF5860CEF16\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3.0\",\"versionEndExcluding\":\"2.15.0\",\"matchCriteriaId\":\"E5A05BE2-7F53-49B7-9831-44E97E9ABA4B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0751225A-6E9C-4281-93A4-A048920FF7C6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3.0\",\"versionEndExcluding\":\"2.15.0\",\"matchCriteriaId\":\"9290F77E-4E1C-4B01-8C6E-4AEFB37C373A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3.0\",\"versionEndExcluding\":\"2.15.0\",\"matchCriteriaId\":\"DD195547-C770-4696-BB58-C0EC5FA38C29\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41ADD701-AD49-46B2-A12E-219CCED32298\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.15.0\",\"matchCriteriaId\":\"4B0D2FC6-C24B-4AF8-813F-4432728A2021\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8C70D90-E8FA-4343-9027-152A99D79C82\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.15.0\",\"matchCriteriaId\":\"3E06BA0F-8D2A-48AF-B012-07F181F83828\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1775F3B-6F47-4134-8B4E-CF6337FF546C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3.0\",\"versionEndExcluding\":\"2.15.0\",\"matchCriteriaId\":\"28795B18-748A-46AF-B600-5CC7A7A95068\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E0E33F2-E89B-4008-BED2-CF2296801078\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3.0\",\"versionEndExcluding\":\"2.15.0\",\"matchCriteriaId\":\"2788BC61-D5EB-4E44-A896-0A416CC6D51E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAD1B18F-9C37-48CC-92E2-9C5E66B206CB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7CF3019-975D-40BB-A8A4-894E62BD3797\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire_\\\\\u0026_hci_management_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6D700C5-F67F-4FFB-BE69-D524592A3D2E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0\",\"matchCriteriaId\":\"C89891C1-DFD7-4E1F-80A9-7485D86A15B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4664B195-AF14-4834-82B3-0B2C98020EB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"75BC588E-CDF0-404E-AD61-02093A1DF343\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2021/05/26/6\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://kb.isc.org/docs/cve-2021-25217\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5QI4DYC7J4BGHEW3NH4XHMWTHYC36UK4/\",\"source\":\"security-officer@isc.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LB42JWIV4M4WDNXX5VGIP26FEYWKIF/\",\"source\":\"security-officer@isc.org\"},{\"url\":\"https://security.gentoo.org/glsa/202305-22\",\"source\":\"security-officer@isc.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20220325-0011/\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/05/26/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://kb.isc.org/docs/cve-2021-25217\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5QI4DYC7J4BGHEW3NH4XHMWTHYC36UK4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LB42JWIV4M4WDNXX5VGIP26FEYWKIF/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202305-22\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20220325-0011/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
rhsa-2021_2359
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for dhcp is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:2359", "url": "https://access.redhat.com/errata/RHSA-2021:2359" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2359.json" } ], "title": "Red Hat Security Advisory: dhcp security update", "tracking": { "current_release_date": "2024-11-15T11:50:29+00:00", "generator": { "date": "2024-11-15T11:50:29+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:2359", "initial_release_date": "2021-06-09T11:01:07+00:00", "revision_history": [ { "date": "2021-06-09T11:01:07+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-06-09T11:01:07+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T11:50:29+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product": { "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:8::baseos" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "dhcp-12:4.3.6-44.el8_4.1.src", "product": { "name": "dhcp-12:4.3.6-44.el8_4.1.src", "product_id": "dhcp-12:4.3.6-44.el8_4.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.3.6-44.el8_4.1?arch=src\u0026epoch=12" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "dhcp-client-12:4.3.6-44.el8_4.1.aarch64", "product": { "name": "dhcp-client-12:4.3.6-44.el8_4.1.aarch64", "product_id": "dhcp-client-12:4.3.6-44.el8_4.1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client@4.3.6-44.el8_4.1?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.3.6-44.el8_4.1.aarch64", "product": { "name": "dhcp-libs-12:4.3.6-44.el8_4.1.aarch64", "product_id": "dhcp-libs-12:4.3.6-44.el8_4.1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.3.6-44.el8_4.1?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-12:4.3.6-44.el8_4.1.aarch64", "product": { "name": "dhcp-relay-12:4.3.6-44.el8_4.1.aarch64", "product_id": "dhcp-relay-12:4.3.6-44.el8_4.1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay@4.3.6-44.el8_4.1?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-12:4.3.6-44.el8_4.1.aarch64", "product": { "name": "dhcp-server-12:4.3.6-44.el8_4.1.aarch64", "product_id": "dhcp-server-12:4.3.6-44.el8_4.1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server@4.3.6-44.el8_4.1?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debugsource-12:4.3.6-44.el8_4.1.aarch64", "product": { "name": "dhcp-debugsource-12:4.3.6-44.el8_4.1.aarch64", "product_id": "dhcp-debugsource-12:4.3.6-44.el8_4.1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debugsource@4.3.6-44.el8_4.1?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "product": { "name": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "product_id": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client-debuginfo@4.3.6-44.el8_4.1?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "product": { "name": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "product_id": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.3.6-44.el8_4.1?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "product": { "name": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "product_id": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs-debuginfo@4.3.6-44.el8_4.1?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "product": { "name": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "product_id": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay-debuginfo@4.3.6-44.el8_4.1?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "product": { "name": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "product_id": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server-debuginfo@4.3.6-44.el8_4.1?arch=aarch64\u0026epoch=12" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "dhcp-client-12:4.3.6-44.el8_4.1.ppc64le", "product": { "name": "dhcp-client-12:4.3.6-44.el8_4.1.ppc64le", "product_id": "dhcp-client-12:4.3.6-44.el8_4.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client@4.3.6-44.el8_4.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.3.6-44.el8_4.1.ppc64le", "product": { "name": "dhcp-libs-12:4.3.6-44.el8_4.1.ppc64le", "product_id": "dhcp-libs-12:4.3.6-44.el8_4.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.3.6-44.el8_4.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-12:4.3.6-44.el8_4.1.ppc64le", "product": { "name": "dhcp-relay-12:4.3.6-44.el8_4.1.ppc64le", "product_id": "dhcp-relay-12:4.3.6-44.el8_4.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay@4.3.6-44.el8_4.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-12:4.3.6-44.el8_4.1.ppc64le", "product": { "name": "dhcp-server-12:4.3.6-44.el8_4.1.ppc64le", "product_id": "dhcp-server-12:4.3.6-44.el8_4.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server@4.3.6-44.el8_4.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debugsource-12:4.3.6-44.el8_4.1.ppc64le", "product": { "name": "dhcp-debugsource-12:4.3.6-44.el8_4.1.ppc64le", "product_id": "dhcp-debugsource-12:4.3.6-44.el8_4.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debugsource@4.3.6-44.el8_4.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "product": { "name": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "product_id": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client-debuginfo@4.3.6-44.el8_4.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "product": { "name": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "product_id": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.3.6-44.el8_4.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "product": { "name": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "product_id": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs-debuginfo@4.3.6-44.el8_4.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "product": { "name": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "product_id": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay-debuginfo@4.3.6-44.el8_4.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "product": { "name": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "product_id": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server-debuginfo@4.3.6-44.el8_4.1?arch=ppc64le\u0026epoch=12" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "dhcp-client-12:4.3.6-44.el8_4.1.x86_64", "product": { "name": "dhcp-client-12:4.3.6-44.el8_4.1.x86_64", "product_id": "dhcp-client-12:4.3.6-44.el8_4.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client@4.3.6-44.el8_4.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.3.6-44.el8_4.1.x86_64", "product": { "name": "dhcp-libs-12:4.3.6-44.el8_4.1.x86_64", "product_id": "dhcp-libs-12:4.3.6-44.el8_4.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.3.6-44.el8_4.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-12:4.3.6-44.el8_4.1.x86_64", "product": { "name": "dhcp-relay-12:4.3.6-44.el8_4.1.x86_64", "product_id": "dhcp-relay-12:4.3.6-44.el8_4.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay@4.3.6-44.el8_4.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-12:4.3.6-44.el8_4.1.x86_64", "product": { "name": "dhcp-server-12:4.3.6-44.el8_4.1.x86_64", "product_id": "dhcp-server-12:4.3.6-44.el8_4.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server@4.3.6-44.el8_4.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debugsource-12:4.3.6-44.el8_4.1.x86_64", "product": { "name": "dhcp-debugsource-12:4.3.6-44.el8_4.1.x86_64", "product_id": "dhcp-debugsource-12:4.3.6-44.el8_4.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debugsource@4.3.6-44.el8_4.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "product": { "name": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "product_id": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client-debuginfo@4.3.6-44.el8_4.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "product": { "name": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "product_id": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.3.6-44.el8_4.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "product": { "name": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "product_id": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs-debuginfo@4.3.6-44.el8_4.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "product": { "name": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "product_id": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay-debuginfo@4.3.6-44.el8_4.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "product": { "name": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "product_id": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server-debuginfo@4.3.6-44.el8_4.1?arch=x86_64\u0026epoch=12" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "dhcp-libs-12:4.3.6-44.el8_4.1.i686", "product": { "name": "dhcp-libs-12:4.3.6-44.el8_4.1.i686", "product_id": "dhcp-libs-12:4.3.6-44.el8_4.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.3.6-44.el8_4.1?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debugsource-12:4.3.6-44.el8_4.1.i686", "product": { "name": "dhcp-debugsource-12:4.3.6-44.el8_4.1.i686", "product_id": "dhcp-debugsource-12:4.3.6-44.el8_4.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debugsource@4.3.6-44.el8_4.1?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.i686", "product": { "name": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.i686", "product_id": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client-debuginfo@4.3.6-44.el8_4.1?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.i686", "product": { "name": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.i686", "product_id": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.3.6-44.el8_4.1?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.i686", "product": { "name": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.i686", "product_id": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs-debuginfo@4.3.6-44.el8_4.1?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.i686", "product": { "name": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.i686", "product_id": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay-debuginfo@4.3.6-44.el8_4.1?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.i686", "product": { "name": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.i686", "product_id": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server-debuginfo@4.3.6-44.el8_4.1?arch=i686\u0026epoch=12" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "dhcp-client-12:4.3.6-44.el8_4.1.s390x", "product": { "name": "dhcp-client-12:4.3.6-44.el8_4.1.s390x", "product_id": "dhcp-client-12:4.3.6-44.el8_4.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client@4.3.6-44.el8_4.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.3.6-44.el8_4.1.s390x", "product": { "name": "dhcp-libs-12:4.3.6-44.el8_4.1.s390x", "product_id": "dhcp-libs-12:4.3.6-44.el8_4.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.3.6-44.el8_4.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-12:4.3.6-44.el8_4.1.s390x", "product": { "name": "dhcp-relay-12:4.3.6-44.el8_4.1.s390x", "product_id": "dhcp-relay-12:4.3.6-44.el8_4.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay@4.3.6-44.el8_4.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-12:4.3.6-44.el8_4.1.s390x", "product": { "name": "dhcp-server-12:4.3.6-44.el8_4.1.s390x", "product_id": "dhcp-server-12:4.3.6-44.el8_4.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server@4.3.6-44.el8_4.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debugsource-12:4.3.6-44.el8_4.1.s390x", "product": { "name": "dhcp-debugsource-12:4.3.6-44.el8_4.1.s390x", "product_id": "dhcp-debugsource-12:4.3.6-44.el8_4.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debugsource@4.3.6-44.el8_4.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.s390x", "product": { "name": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.s390x", "product_id": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client-debuginfo@4.3.6-44.el8_4.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.s390x", "product": { "name": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.s390x", "product_id": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.3.6-44.el8_4.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.s390x", "product": { "name": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.s390x", "product_id": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs-debuginfo@4.3.6-44.el8_4.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.s390x", "product": { "name": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.s390x", "product_id": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay-debuginfo@4.3.6-44.el8_4.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.s390x", "product": { "name": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.s390x", "product_id": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server-debuginfo@4.3.6-44.el8_4.1?arch=s390x\u0026epoch=12" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "dhcp-common-12:4.3.6-44.el8_4.1.noarch", "product": { "name": "dhcp-common-12:4.3.6-44.el8_4.1.noarch", "product_id": "dhcp-common-12:4.3.6-44.el8_4.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.3.6-44.el8_4.1?arch=noarch\u0026epoch=12" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.3.6-44.el8_4.1.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-12:4.3.6-44.el8_4.1.src" }, "product_reference": "dhcp-12:4.3.6-44.el8_4.1.src", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-12:4.3.6-44.el8_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-12:4.3.6-44.el8_4.1.aarch64" }, "product_reference": "dhcp-client-12:4.3.6-44.el8_4.1.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-12:4.3.6-44.el8_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-12:4.3.6-44.el8_4.1.ppc64le" }, "product_reference": "dhcp-client-12:4.3.6-44.el8_4.1.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-12:4.3.6-44.el8_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-12:4.3.6-44.el8_4.1.s390x" }, "product_reference": "dhcp-client-12:4.3.6-44.el8_4.1.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-12:4.3.6-44.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-12:4.3.6-44.el8_4.1.x86_64" }, "product_reference": "dhcp-client-12:4.3.6-44.el8_4.1.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.aarch64" }, "product_reference": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.i686" }, "product_reference": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.i686", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.ppc64le" }, "product_reference": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.s390x" }, "product_reference": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.x86_64" }, "product_reference": "dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.3.6-44.el8_4.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-common-12:4.3.6-44.el8_4.1.noarch" }, "product_reference": "dhcp-common-12:4.3.6-44.el8_4.1.noarch", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.aarch64" }, "product_reference": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.i686", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.s390x" }, "product_reference": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debugsource-12:4.3.6-44.el8_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.aarch64" }, "product_reference": "dhcp-debugsource-12:4.3.6-44.el8_4.1.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debugsource-12:4.3.6-44.el8_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.i686" }, "product_reference": "dhcp-debugsource-12:4.3.6-44.el8_4.1.i686", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debugsource-12:4.3.6-44.el8_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.ppc64le" }, "product_reference": "dhcp-debugsource-12:4.3.6-44.el8_4.1.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debugsource-12:4.3.6-44.el8_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.s390x" }, "product_reference": "dhcp-debugsource-12:4.3.6-44.el8_4.1.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debugsource-12:4.3.6-44.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.x86_64" }, "product_reference": "dhcp-debugsource-12:4.3.6-44.el8_4.1.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.3.6-44.el8_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.aarch64" }, "product_reference": "dhcp-libs-12:4.3.6-44.el8_4.1.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.3.6-44.el8_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.i686" }, "product_reference": "dhcp-libs-12:4.3.6-44.el8_4.1.i686", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.3.6-44.el8_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.ppc64le" }, "product_reference": "dhcp-libs-12:4.3.6-44.el8_4.1.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.3.6-44.el8_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.s390x" }, "product_reference": "dhcp-libs-12:4.3.6-44.el8_4.1.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.3.6-44.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.x86_64" }, "product_reference": "dhcp-libs-12:4.3.6-44.el8_4.1.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.aarch64" }, "product_reference": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.i686" }, "product_reference": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.i686", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.ppc64le" }, "product_reference": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.s390x" }, "product_reference": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.x86_64" }, "product_reference": "dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-12:4.3.6-44.el8_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-12:4.3.6-44.el8_4.1.aarch64" }, "product_reference": "dhcp-relay-12:4.3.6-44.el8_4.1.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-12:4.3.6-44.el8_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-12:4.3.6-44.el8_4.1.ppc64le" }, "product_reference": "dhcp-relay-12:4.3.6-44.el8_4.1.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-12:4.3.6-44.el8_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-12:4.3.6-44.el8_4.1.s390x" }, "product_reference": "dhcp-relay-12:4.3.6-44.el8_4.1.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-12:4.3.6-44.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-12:4.3.6-44.el8_4.1.x86_64" }, "product_reference": "dhcp-relay-12:4.3.6-44.el8_4.1.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.aarch64" }, "product_reference": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.i686" }, "product_reference": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.i686", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.ppc64le" }, "product_reference": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.s390x" }, "product_reference": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.x86_64" }, "product_reference": "dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-12:4.3.6-44.el8_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-12:4.3.6-44.el8_4.1.aarch64" }, "product_reference": "dhcp-server-12:4.3.6-44.el8_4.1.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-12:4.3.6-44.el8_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-12:4.3.6-44.el8_4.1.ppc64le" }, "product_reference": "dhcp-server-12:4.3.6-44.el8_4.1.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-12:4.3.6-44.el8_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-12:4.3.6-44.el8_4.1.s390x" }, "product_reference": "dhcp-server-12:4.3.6-44.el8_4.1.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-12:4.3.6-44.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-12:4.3.6-44.el8_4.1.x86_64" }, "product_reference": "dhcp-server-12:4.3.6-44.el8_4.1.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.aarch64" }, "product_reference": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.i686" }, "product_reference": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.i686", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.ppc64le" }, "product_reference": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.s390x" }, "product_reference": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.x86_64" }, "product_reference": "dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-25217", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2021-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1963258" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Dynamic Host Configuration Protocol (DHCP). There is a discrepancy between the code that handles encapsulated option information in leases transmitted \"on the wire\" and the code which reads and parses lease information after it has been written to disk storage. This flaw allows an attacker to deliberately cause a situation where dhcpd while running in DHCPv4 or DHCPv6 mode, or the dhclient attempts to read a stored lease that contains option information, to trigger a stack-based buffer overflow in the option parsing code for colon-separated hex digits values. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient", "title": "Vulnerability summary" }, { "category": "other", "text": "To abuse this flaw an attacker has to be on the same local sub-net of the victim machine. An attacker may send crafted DHCP messages with long lease statements that, when stored locally on file and then re-read by dhclient or dhcpd, might trigger the bug.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-12:4.3.6-44.el8_4.1.src", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-common-12:4.3.6-44.el8_4.1.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-25217" }, { "category": "external", "summary": "RHBZ#1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-25217", "url": "https://www.cve.org/CVERecord?id=CVE-2021-25217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217" }, { "category": "external", "summary": "https://kb.isc.org/docs/cve-2021-25217", "url": "https://kb.isc.org/docs/cve-2021-25217" } ], "release_date": "2021-05-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-06-09T11:01:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-12:4.3.6-44.el8_4.1.src", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-common-12:4.3.6-44.el8_4.1.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2359" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-12:4.3.6-44.el8_4.1.src", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-client-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-common-12:4.3.6-44.el8_4.1.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-debugsource-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-libs-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-relay-debuginfo-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-12:4.3.6-44.el8_4.1.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.i686", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:dhcp-server-debuginfo-12:4.3.6-44.el8_4.1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient" } ] }
rhsa-2021_2416
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for dhcp is now available for Red Hat Enterprise Linux 8.1 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:2416", "url": "https://access.redhat.com/errata/RHSA-2021:2416" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2416.json" } ], "title": "Red Hat Security Advisory: dhcp security update", "tracking": { "current_release_date": "2024-11-15T11:51:39+00:00", "generator": { "date": "2024-11-15T11:51:39+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:2416", "initial_release_date": "2021-06-14T20:10:34+00:00", "revision_history": [ { "date": "2021-06-14T20:10:34+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-06-14T20:10:34+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T11:51:39+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product": { "name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_eus:8.1::baseos" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "dhcp-12:4.3.6-34.el8_1.2.src", "product": { "name": "dhcp-12:4.3.6-34.el8_1.2.src", "product_id": "dhcp-12:4.3.6-34.el8_1.2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.3.6-34.el8_1.2?arch=src\u0026epoch=12" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "dhcp-client-12:4.3.6-34.el8_1.2.aarch64", "product": { "name": "dhcp-client-12:4.3.6-34.el8_1.2.aarch64", "product_id": "dhcp-client-12:4.3.6-34.el8_1.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client@4.3.6-34.el8_1.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.3.6-34.el8_1.2.aarch64", "product": { "name": "dhcp-libs-12:4.3.6-34.el8_1.2.aarch64", "product_id": "dhcp-libs-12:4.3.6-34.el8_1.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.3.6-34.el8_1.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-12:4.3.6-34.el8_1.2.aarch64", "product": { "name": "dhcp-relay-12:4.3.6-34.el8_1.2.aarch64", "product_id": "dhcp-relay-12:4.3.6-34.el8_1.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay@4.3.6-34.el8_1.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-12:4.3.6-34.el8_1.2.aarch64", "product": { "name": "dhcp-server-12:4.3.6-34.el8_1.2.aarch64", "product_id": "dhcp-server-12:4.3.6-34.el8_1.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server@4.3.6-34.el8_1.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debugsource-12:4.3.6-34.el8_1.2.aarch64", "product": { "name": "dhcp-debugsource-12:4.3.6-34.el8_1.2.aarch64", "product_id": "dhcp-debugsource-12:4.3.6-34.el8_1.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debugsource@4.3.6-34.el8_1.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "product": { "name": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "product_id": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client-debuginfo@4.3.6-34.el8_1.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "product": { "name": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "product_id": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.3.6-34.el8_1.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "product": { "name": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "product_id": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs-debuginfo@4.3.6-34.el8_1.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "product": { "name": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "product_id": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay-debuginfo@4.3.6-34.el8_1.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "product": { "name": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "product_id": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server-debuginfo@4.3.6-34.el8_1.2?arch=aarch64\u0026epoch=12" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "dhcp-client-12:4.3.6-34.el8_1.2.ppc64le", "product": { "name": "dhcp-client-12:4.3.6-34.el8_1.2.ppc64le", "product_id": "dhcp-client-12:4.3.6-34.el8_1.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client@4.3.6-34.el8_1.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.3.6-34.el8_1.2.ppc64le", "product": { "name": "dhcp-libs-12:4.3.6-34.el8_1.2.ppc64le", "product_id": "dhcp-libs-12:4.3.6-34.el8_1.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.3.6-34.el8_1.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-12:4.3.6-34.el8_1.2.ppc64le", "product": { "name": "dhcp-relay-12:4.3.6-34.el8_1.2.ppc64le", "product_id": "dhcp-relay-12:4.3.6-34.el8_1.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay@4.3.6-34.el8_1.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-12:4.3.6-34.el8_1.2.ppc64le", "product": { "name": "dhcp-server-12:4.3.6-34.el8_1.2.ppc64le", "product_id": "dhcp-server-12:4.3.6-34.el8_1.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server@4.3.6-34.el8_1.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debugsource-12:4.3.6-34.el8_1.2.ppc64le", "product": { "name": "dhcp-debugsource-12:4.3.6-34.el8_1.2.ppc64le", "product_id": "dhcp-debugsource-12:4.3.6-34.el8_1.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debugsource@4.3.6-34.el8_1.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "product": { "name": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "product_id": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client-debuginfo@4.3.6-34.el8_1.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "product": { "name": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "product_id": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.3.6-34.el8_1.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "product": { "name": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "product_id": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs-debuginfo@4.3.6-34.el8_1.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "product": { "name": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "product_id": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay-debuginfo@4.3.6-34.el8_1.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "product": { "name": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "product_id": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server-debuginfo@4.3.6-34.el8_1.2?arch=ppc64le\u0026epoch=12" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "dhcp-client-12:4.3.6-34.el8_1.2.x86_64", "product": { "name": "dhcp-client-12:4.3.6-34.el8_1.2.x86_64", "product_id": "dhcp-client-12:4.3.6-34.el8_1.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client@4.3.6-34.el8_1.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.3.6-34.el8_1.2.x86_64", "product": { "name": "dhcp-libs-12:4.3.6-34.el8_1.2.x86_64", "product_id": "dhcp-libs-12:4.3.6-34.el8_1.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.3.6-34.el8_1.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-12:4.3.6-34.el8_1.2.x86_64", "product": { "name": "dhcp-relay-12:4.3.6-34.el8_1.2.x86_64", "product_id": "dhcp-relay-12:4.3.6-34.el8_1.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay@4.3.6-34.el8_1.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-12:4.3.6-34.el8_1.2.x86_64", "product": { "name": "dhcp-server-12:4.3.6-34.el8_1.2.x86_64", "product_id": "dhcp-server-12:4.3.6-34.el8_1.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server@4.3.6-34.el8_1.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debugsource-12:4.3.6-34.el8_1.2.x86_64", "product": { "name": "dhcp-debugsource-12:4.3.6-34.el8_1.2.x86_64", "product_id": "dhcp-debugsource-12:4.3.6-34.el8_1.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debugsource@4.3.6-34.el8_1.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "product": { "name": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "product_id": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client-debuginfo@4.3.6-34.el8_1.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "product": { "name": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "product_id": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.3.6-34.el8_1.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "product": { "name": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "product_id": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs-debuginfo@4.3.6-34.el8_1.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "product": { "name": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "product_id": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay-debuginfo@4.3.6-34.el8_1.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "product": { "name": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "product_id": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server-debuginfo@4.3.6-34.el8_1.2?arch=x86_64\u0026epoch=12" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "dhcp-libs-12:4.3.6-34.el8_1.2.i686", "product": { "name": "dhcp-libs-12:4.3.6-34.el8_1.2.i686", "product_id": "dhcp-libs-12:4.3.6-34.el8_1.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.3.6-34.el8_1.2?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debugsource-12:4.3.6-34.el8_1.2.i686", "product": { "name": "dhcp-debugsource-12:4.3.6-34.el8_1.2.i686", "product_id": "dhcp-debugsource-12:4.3.6-34.el8_1.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debugsource@4.3.6-34.el8_1.2?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.i686", "product": { "name": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.i686", "product_id": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client-debuginfo@4.3.6-34.el8_1.2?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.i686", "product": { "name": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.i686", "product_id": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.3.6-34.el8_1.2?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.i686", "product": { "name": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.i686", "product_id": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs-debuginfo@4.3.6-34.el8_1.2?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.i686", "product": { "name": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.i686", "product_id": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay-debuginfo@4.3.6-34.el8_1.2?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.i686", "product": { "name": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.i686", "product_id": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server-debuginfo@4.3.6-34.el8_1.2?arch=i686\u0026epoch=12" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "dhcp-client-12:4.3.6-34.el8_1.2.s390x", "product": { "name": "dhcp-client-12:4.3.6-34.el8_1.2.s390x", "product_id": "dhcp-client-12:4.3.6-34.el8_1.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client@4.3.6-34.el8_1.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.3.6-34.el8_1.2.s390x", "product": { "name": "dhcp-libs-12:4.3.6-34.el8_1.2.s390x", "product_id": "dhcp-libs-12:4.3.6-34.el8_1.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.3.6-34.el8_1.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-12:4.3.6-34.el8_1.2.s390x", "product": { "name": "dhcp-relay-12:4.3.6-34.el8_1.2.s390x", "product_id": "dhcp-relay-12:4.3.6-34.el8_1.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay@4.3.6-34.el8_1.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-12:4.3.6-34.el8_1.2.s390x", "product": { "name": "dhcp-server-12:4.3.6-34.el8_1.2.s390x", "product_id": "dhcp-server-12:4.3.6-34.el8_1.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server@4.3.6-34.el8_1.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debugsource-12:4.3.6-34.el8_1.2.s390x", "product": { "name": "dhcp-debugsource-12:4.3.6-34.el8_1.2.s390x", "product_id": "dhcp-debugsource-12:4.3.6-34.el8_1.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debugsource@4.3.6-34.el8_1.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.s390x", "product": { "name": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.s390x", "product_id": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client-debuginfo@4.3.6-34.el8_1.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.s390x", "product": { "name": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.s390x", "product_id": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.3.6-34.el8_1.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.s390x", "product": { "name": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.s390x", "product_id": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs-debuginfo@4.3.6-34.el8_1.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.s390x", "product": { "name": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.s390x", "product_id": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay-debuginfo@4.3.6-34.el8_1.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.s390x", "product": { "name": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.s390x", "product_id": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server-debuginfo@4.3.6-34.el8_1.2?arch=s390x\u0026epoch=12" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "dhcp-common-12:4.3.6-34.el8_1.2.noarch", "product": { "name": "dhcp-common-12:4.3.6-34.el8_1.2.noarch", "product_id": "dhcp-common-12:4.3.6-34.el8_1.2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.3.6-34.el8_1.2?arch=noarch\u0026epoch=12" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.3.6-34.el8_1.2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-12:4.3.6-34.el8_1.2.src" }, "product_reference": "dhcp-12:4.3.6-34.el8_1.2.src", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-12:4.3.6-34.el8_1.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-client-12:4.3.6-34.el8_1.2.aarch64" }, "product_reference": "dhcp-client-12:4.3.6-34.el8_1.2.aarch64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-12:4.3.6-34.el8_1.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-client-12:4.3.6-34.el8_1.2.ppc64le" }, "product_reference": "dhcp-client-12:4.3.6-34.el8_1.2.ppc64le", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-12:4.3.6-34.el8_1.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-client-12:4.3.6-34.el8_1.2.s390x" }, "product_reference": "dhcp-client-12:4.3.6-34.el8_1.2.s390x", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-12:4.3.6-34.el8_1.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-client-12:4.3.6-34.el8_1.2.x86_64" }, "product_reference": "dhcp-client-12:4.3.6-34.el8_1.2.x86_64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.aarch64" }, "product_reference": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.i686" }, "product_reference": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.i686", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.ppc64le" }, "product_reference": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.s390x" }, "product_reference": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.s390x", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.x86_64" }, "product_reference": "dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.3.6-34.el8_1.2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-common-12:4.3.6-34.el8_1.2.noarch" }, "product_reference": "dhcp-common-12:4.3.6-34.el8_1.2.noarch", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.aarch64" }, "product_reference": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.i686" }, "product_reference": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.i686", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.s390x" }, "product_reference": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.s390x", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debugsource-12:4.3.6-34.el8_1.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.aarch64" }, "product_reference": "dhcp-debugsource-12:4.3.6-34.el8_1.2.aarch64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debugsource-12:4.3.6-34.el8_1.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.i686" }, "product_reference": "dhcp-debugsource-12:4.3.6-34.el8_1.2.i686", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debugsource-12:4.3.6-34.el8_1.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.ppc64le" }, "product_reference": "dhcp-debugsource-12:4.3.6-34.el8_1.2.ppc64le", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debugsource-12:4.3.6-34.el8_1.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.s390x" }, "product_reference": "dhcp-debugsource-12:4.3.6-34.el8_1.2.s390x", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debugsource-12:4.3.6-34.el8_1.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.x86_64" }, "product_reference": "dhcp-debugsource-12:4.3.6-34.el8_1.2.x86_64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.3.6-34.el8_1.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.aarch64" }, "product_reference": "dhcp-libs-12:4.3.6-34.el8_1.2.aarch64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.3.6-34.el8_1.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.i686" }, "product_reference": "dhcp-libs-12:4.3.6-34.el8_1.2.i686", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.3.6-34.el8_1.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.ppc64le" }, "product_reference": "dhcp-libs-12:4.3.6-34.el8_1.2.ppc64le", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.3.6-34.el8_1.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.s390x" }, "product_reference": "dhcp-libs-12:4.3.6-34.el8_1.2.s390x", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.3.6-34.el8_1.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.x86_64" }, "product_reference": "dhcp-libs-12:4.3.6-34.el8_1.2.x86_64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.aarch64" }, "product_reference": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.i686" }, "product_reference": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.i686", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.ppc64le" }, "product_reference": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.s390x" }, "product_reference": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.s390x", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.x86_64" }, "product_reference": "dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-12:4.3.6-34.el8_1.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-relay-12:4.3.6-34.el8_1.2.aarch64" }, "product_reference": "dhcp-relay-12:4.3.6-34.el8_1.2.aarch64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-12:4.3.6-34.el8_1.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-relay-12:4.3.6-34.el8_1.2.ppc64le" }, "product_reference": "dhcp-relay-12:4.3.6-34.el8_1.2.ppc64le", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-12:4.3.6-34.el8_1.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-relay-12:4.3.6-34.el8_1.2.s390x" }, "product_reference": "dhcp-relay-12:4.3.6-34.el8_1.2.s390x", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-12:4.3.6-34.el8_1.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-relay-12:4.3.6-34.el8_1.2.x86_64" }, "product_reference": "dhcp-relay-12:4.3.6-34.el8_1.2.x86_64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.aarch64" }, "product_reference": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.i686" }, "product_reference": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.i686", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.ppc64le" }, "product_reference": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.s390x" }, "product_reference": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.s390x", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.x86_64" }, "product_reference": "dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-12:4.3.6-34.el8_1.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-server-12:4.3.6-34.el8_1.2.aarch64" }, "product_reference": "dhcp-server-12:4.3.6-34.el8_1.2.aarch64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-12:4.3.6-34.el8_1.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-server-12:4.3.6-34.el8_1.2.ppc64le" }, "product_reference": "dhcp-server-12:4.3.6-34.el8_1.2.ppc64le", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-12:4.3.6-34.el8_1.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-server-12:4.3.6-34.el8_1.2.s390x" }, "product_reference": "dhcp-server-12:4.3.6-34.el8_1.2.s390x", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-12:4.3.6-34.el8_1.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-server-12:4.3.6-34.el8_1.2.x86_64" }, "product_reference": "dhcp-server-12:4.3.6-34.el8_1.2.x86_64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.aarch64" }, "product_reference": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.i686" }, "product_reference": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.i686", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.ppc64le" }, "product_reference": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.s390x" }, "product_reference": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.s390x", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.1)", "product_id": "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.x86_64" }, "product_reference": "dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "relates_to_product_reference": "BaseOS-8.1.0.Z.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-25217", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2021-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1963258" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Dynamic Host Configuration Protocol (DHCP). There is a discrepancy between the code that handles encapsulated option information in leases transmitted \"on the wire\" and the code which reads and parses lease information after it has been written to disk storage. This flaw allows an attacker to deliberately cause a situation where dhcpd while running in DHCPv4 or DHCPv6 mode, or the dhclient attempts to read a stored lease that contains option information, to trigger a stack-based buffer overflow in the option parsing code for colon-separated hex digits values. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient", "title": "Vulnerability summary" }, { "category": "other", "text": "To abuse this flaw an attacker has to be on the same local sub-net of the victim machine. An attacker may send crafted DHCP messages with long lease statements that, when stored locally on file and then re-read by dhclient or dhcpd, might trigger the bug.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.1.0.Z.EUS:dhcp-12:4.3.6-34.el8_1.2.src", "BaseOS-8.1.0.Z.EUS:dhcp-client-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-client-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-client-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-client-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-common-12:4.3.6-34.el8_1.2.noarch", "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-relay-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-relay-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-relay-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-relay-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-server-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-server-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-server-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-server-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-25217" }, { "category": "external", "summary": "RHBZ#1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-25217", "url": "https://www.cve.org/CVERecord?id=CVE-2021-25217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217" }, { "category": "external", "summary": "https://kb.isc.org/docs/cve-2021-25217", "url": "https://kb.isc.org/docs/cve-2021-25217" } ], "release_date": "2021-05-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-06-14T20:10:34+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "BaseOS-8.1.0.Z.EUS:dhcp-12:4.3.6-34.el8_1.2.src", "BaseOS-8.1.0.Z.EUS:dhcp-client-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-client-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-client-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-client-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-common-12:4.3.6-34.el8_1.2.noarch", "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-relay-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-relay-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-relay-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-relay-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-server-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-server-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-server-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-server-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2416" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "BaseOS-8.1.0.Z.EUS:dhcp-12:4.3.6-34.el8_1.2.src", "BaseOS-8.1.0.Z.EUS:dhcp-client-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-client-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-client-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-client-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-common-12:4.3.6-34.el8_1.2.noarch", "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-debugsource-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-libs-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-relay-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-relay-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-relay-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-relay-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-server-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-server-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-server-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-server-12:4.3.6-34.el8_1.2.x86_64", "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.aarch64", "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.i686", "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.ppc64le", "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.s390x", "BaseOS-8.1.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-34.el8_1.2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient" } ] }
rhsa-2021_2555
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Container Platform release 4.7.19 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.19. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2021:2554\n\nSecurity Fix(es):\n\n* polkit: local privilege escalation using polkit_system_bus_name_get_creds_sync() (CVE-2021-3560)\n\n* dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:2555", "url": "https://access.redhat.com/errata/RHSA-2021:2555" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1961710", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961710" }, { "category": "external", "summary": "1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "external", "summary": "1976688", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1976688" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2555.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 4.7.19 packages and security update", "tracking": { "current_release_date": "2024-11-22T17:05:28+00:00", "generator": { "date": "2024-11-22T17:05:28+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:2555", "initial_release_date": "2021-07-06T11:31:17+00:00", "revision_history": [ { "date": "2021-07-06T11:31:17+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-07-06T11:31:17+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T17:05:28+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.7", "product": { "name": "Red Hat OpenShift Container Platform 4.7", "product_id": "7Server-RH7-RHOSE-4.7", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.7::el7" } } }, { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.7", "product": { "name": "Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.7::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.src", "product": { "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.src", "product_id": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.7.0-202106252127.p0.git.8b4b094.el7?arch=src" } } }, { "category": "product_version", "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.src", "product": { "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.src", "product_id": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.20.3-6.rhaos4.7.git0d0f863.el7?arch=src" } } }, { "category": "product_version", "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.src", "product": { "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.src", "product_id": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.7.0-202106252127.p0.git.8b4b094.el8?arch=src" } } }, { "category": "product_version", "name": "polkit-0:0.115-11.el8_3.2.src", "product": { "name": "polkit-0:0.115-11.el8_3.2.src", "product_id": "polkit-0:0.115-11.el8_3.2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/polkit@0.115-11.el8_3.2?arch=src" } } }, { "category": "product_version", "name": "dhcp-12:4.3.6-41.el8_3.1.src", "product": { "name": "dhcp-12:4.3.6-41.el8_3.1.src", "product_id": "dhcp-12:4.3.6-41.el8_3.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.3.6-41.el8_3.1?arch=src\u0026epoch=12" } } }, { "category": "product_version", "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.src", "product": { "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.src", "product_id": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.20.3-6.rhaos4.7.git0d0f863.el8?arch=src" } } }, { "category": "product_version", "name": "openshift-kuryr-0:4.7.0-202106232224.p0.git.c7654fb.el8.src", "product": { "name": "openshift-kuryr-0:4.7.0-202106232224.p0.git.c7654fb.el8.src", "product_id": "openshift-kuryr-0:4.7.0-202106232224.p0.git.c7654fb.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr@4.7.0-202106232224.p0.git.c7654fb.el8?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "product": { "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "product_id": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.7.0-202106252127.p0.git.8b4b094.el7?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "product": { "name": "openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "product_id": "openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.7.0-202106252127.p0.git.8b4b094.el7?arch=x86_64" } } }, { "category": "product_version", "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "product": { "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "product_id": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.20.3-6.rhaos4.7.git0d0f863.el7?arch=x86_64" } } }, { "category": "product_version", "name": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "product": { "name": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "product_id": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debuginfo@1.20.3-6.rhaos4.7.git0d0f863.el7?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "product": { "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "product_id": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.7.0-202106252127.p0.git.8b4b094.el8?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "product": { "name": "openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "product_id": "openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.7.0-202106252127.p0.git.8b4b094.el8?arch=x86_64" } } }, { "category": "product_version", "name": "polkit-0:0.115-11.el8_3.2.x86_64", "product": { "name": "polkit-0:0.115-11.el8_3.2.x86_64", "product_id": "polkit-0:0.115-11.el8_3.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/polkit@0.115-11.el8_3.2?arch=x86_64" } } }, { "category": "product_version", "name": "polkit-libs-0:0.115-11.el8_3.2.x86_64", "product": { "name": "polkit-libs-0:0.115-11.el8_3.2.x86_64", "product_id": "polkit-libs-0:0.115-11.el8_3.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/polkit-libs@0.115-11.el8_3.2?arch=x86_64" } } }, { "category": "product_version", "name": "polkit-debugsource-0:0.115-11.el8_3.2.x86_64", "product": { "name": "polkit-debugsource-0:0.115-11.el8_3.2.x86_64", "product_id": "polkit-debugsource-0:0.115-11.el8_3.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/polkit-debugsource@0.115-11.el8_3.2?arch=x86_64" } } }, { "category": "product_version", "name": "polkit-debuginfo-0:0.115-11.el8_3.2.x86_64", "product": { "name": "polkit-debuginfo-0:0.115-11.el8_3.2.x86_64", "product_id": "polkit-debuginfo-0:0.115-11.el8_3.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-11.el8_3.2?arch=x86_64" } } }, { "category": "product_version", "name": "polkit-libs-debuginfo-0:0.115-11.el8_3.2.x86_64", "product": { "name": "polkit-libs-debuginfo-0:0.115-11.el8_3.2.x86_64", "product_id": "polkit-libs-debuginfo-0:0.115-11.el8_3.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-11.el8_3.2?arch=x86_64" } } }, { "category": "product_version", "name": "dhcp-client-12:4.3.6-41.el8_3.1.x86_64", "product": { "name": "dhcp-client-12:4.3.6-41.el8_3.1.x86_64", "product_id": "dhcp-client-12:4.3.6-41.el8_3.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client@4.3.6-41.el8_3.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.3.6-41.el8_3.1.x86_64", "product": { "name": "dhcp-libs-12:4.3.6-41.el8_3.1.x86_64", "product_id": "dhcp-libs-12:4.3.6-41.el8_3.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.3.6-41.el8_3.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debugsource-12:4.3.6-41.el8_3.1.x86_64", "product": { "name": "dhcp-debugsource-12:4.3.6-41.el8_3.1.x86_64", "product_id": "dhcp-debugsource-12:4.3.6-41.el8_3.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debugsource@4.3.6-41.el8_3.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-client-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "product": { "name": "dhcp-client-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "product_id": "dhcp-client-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client-debuginfo@4.3.6-41.el8_3.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "product": { "name": "dhcp-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "product_id": "dhcp-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.3.6-41.el8_3.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "product": { "name": "dhcp-libs-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "product_id": "dhcp-libs-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs-debuginfo@4.3.6-41.el8_3.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "product": { "name": "dhcp-relay-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "product_id": "dhcp-relay-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay-debuginfo@4.3.6-41.el8_3.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "product": { "name": "dhcp-server-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "product_id": "dhcp-server-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server-debuginfo@4.3.6-41.el8_3.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "product": { "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "product_id": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.20.3-6.rhaos4.7.git0d0f863.el8?arch=x86_64" } } }, { "category": "product_version", "name": "cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "product": { "name": "cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "product_id": "cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debugsource@1.20.3-6.rhaos4.7.git0d0f863.el8?arch=x86_64" } } }, { "category": "product_version", "name": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "product": { "name": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "product_id": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debuginfo@1.20.3-6.rhaos4.7.git0d0f863.el8?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.ppc64le", "product": { "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.ppc64le", "product_id": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.7.0-202106252127.p0.git.8b4b094.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "product": { "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "product_id": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.20.3-6.rhaos4.7.git0d0f863.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "product": { "name": "cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "product_id": "cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debugsource@1.20.3-6.rhaos4.7.git0d0f863.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "product": { "name": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "product_id": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debuginfo@1.20.3-6.rhaos4.7.git0d0f863.el8?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.s390x", "product": { "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.s390x", "product_id": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.7.0-202106252127.p0.git.8b4b094.el8?arch=s390x" } } }, { "category": "product_version", "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "product": { "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "product_id": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.20.3-6.rhaos4.7.git0d0f863.el8?arch=s390x" } } }, { "category": "product_version", "name": "cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "product": { "name": "cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "product_id": "cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debugsource@1.20.3-6.rhaos4.7.git0d0f863.el8?arch=s390x" } } }, { "category": "product_version", "name": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "product": { "name": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "product_id": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debuginfo@1.20.3-6.rhaos4.7.git0d0f863.el8?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "dhcp-common-12:4.3.6-41.el8_3.1.noarch", "product": { "name": "dhcp-common-12:4.3.6-41.el8_3.1.noarch", "product_id": "dhcp-common-12:4.3.6-41.el8_3.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.3.6-41.el8_3.1?arch=noarch\u0026epoch=12" } } }, { "category": "product_version", "name": "openshift-kuryr-cni-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "product": { "name": "openshift-kuryr-cni-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "product_id": "openshift-kuryr-cni-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr-cni@4.7.0-202106232224.p0.git.c7654fb.el8?arch=noarch" } } }, { "category": "product_version", "name": "openshift-kuryr-common-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "product": { "name": "openshift-kuryr-common-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "product_id": "openshift-kuryr-common-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr-common@4.7.0-202106232224.p0.git.c7654fb.el8?arch=noarch" } } }, { "category": "product_version", "name": "openshift-kuryr-controller-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "product": { "name": "openshift-kuryr-controller-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "product_id": "openshift-kuryr-controller-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr-controller@4.7.0-202106232224.p0.git.c7654fb.el8?arch=noarch" } } }, { "category": "product_version", "name": "python3-kuryr-kubernetes-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "product": { "name": "python3-kuryr-kubernetes-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "product_id": "python3-kuryr-kubernetes-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-kuryr-kubernetes@4.7.0-202106232224.p0.git.c7654fb.el8?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.src as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "7Server-RH7-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.src" }, "product_reference": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "7Server-RH7-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64" }, "product_reference": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "7Server-RH7-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64" }, "product_reference": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.src as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.src" }, "product_reference": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64" }, "product_reference": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64" }, "product_reference": "openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le" }, "product_reference": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x" }, "product_reference": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.src as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.src" }, "product_reference": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64" }, "product_reference": "cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le" }, "product_reference": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x" }, "product_reference": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64" }, "product_reference": "cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le" }, "product_reference": "cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x" }, "product_reference": "cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64" }, "product_reference": "cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.3.6-41.el8_3.1.src as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:dhcp-12:4.3.6-41.el8_3.1.src" }, "product_reference": "dhcp-12:4.3.6-41.el8_3.1.src", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-12:4.3.6-41.el8_3.1.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:dhcp-client-12:4.3.6-41.el8_3.1.x86_64" }, "product_reference": "dhcp-client-12:4.3.6-41.el8_3.1.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-debuginfo-12:4.3.6-41.el8_3.1.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:dhcp-client-debuginfo-12:4.3.6-41.el8_3.1.x86_64" }, "product_reference": "dhcp-client-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.3.6-41.el8_3.1.noarch as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:dhcp-common-12:4.3.6-41.el8_3.1.noarch" }, "product_reference": "dhcp-common-12:4.3.6-41.el8_3.1.noarch", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.3.6-41.el8_3.1.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:dhcp-debuginfo-12:4.3.6-41.el8_3.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debugsource-12:4.3.6-41.el8_3.1.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:dhcp-debugsource-12:4.3.6-41.el8_3.1.x86_64" }, "product_reference": "dhcp-debugsource-12:4.3.6-41.el8_3.1.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.3.6-41.el8_3.1.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:dhcp-libs-12:4.3.6-41.el8_3.1.x86_64" }, "product_reference": "dhcp-libs-12:4.3.6-41.el8_3.1.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-debuginfo-12:4.3.6-41.el8_3.1.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:dhcp-libs-debuginfo-12:4.3.6-41.el8_3.1.x86_64" }, "product_reference": "dhcp-libs-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-debuginfo-12:4.3.6-41.el8_3.1.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:dhcp-relay-debuginfo-12:4.3.6-41.el8_3.1.x86_64" }, "product_reference": "dhcp-relay-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-debuginfo-12:4.3.6-41.el8_3.1.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:dhcp-server-debuginfo-12:4.3.6-41.el8_3.1.x86_64" }, "product_reference": "dhcp-server-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.ppc64le" }, "product_reference": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.s390x as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.s390x" }, "product_reference": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.src as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.src" }, "product_reference": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64" }, "product_reference": "openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64" }, "product_reference": "openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-0:4.7.0-202106232224.p0.git.c7654fb.el8.src as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202106232224.p0.git.c7654fb.el8.src" }, "product_reference": "openshift-kuryr-0:4.7.0-202106232224.p0.git.c7654fb.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-cni-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch" }, "product_reference": "openshift-kuryr-cni-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-common-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch" }, "product_reference": "openshift-kuryr-common-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-controller-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch" }, "product_reference": "openshift-kuryr-controller-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "polkit-0:0.115-11.el8_3.2.src as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:polkit-0:0.115-11.el8_3.2.src" }, "product_reference": "polkit-0:0.115-11.el8_3.2.src", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "polkit-0:0.115-11.el8_3.2.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:polkit-0:0.115-11.el8_3.2.x86_64" }, "product_reference": "polkit-0:0.115-11.el8_3.2.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "polkit-debuginfo-0:0.115-11.el8_3.2.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:polkit-debuginfo-0:0.115-11.el8_3.2.x86_64" }, "product_reference": "polkit-debuginfo-0:0.115-11.el8_3.2.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "polkit-debugsource-0:0.115-11.el8_3.2.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:polkit-debugsource-0:0.115-11.el8_3.2.x86_64" }, "product_reference": "polkit-debugsource-0:0.115-11.el8_3.2.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "polkit-libs-0:0.115-11.el8_3.2.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:polkit-libs-0:0.115-11.el8_3.2.x86_64" }, "product_reference": "polkit-libs-0:0.115-11.el8_3.2.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "polkit-libs-debuginfo-0:0.115-11.el8_3.2.x86_64 as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:polkit-libs-debuginfo-0:0.115-11.el8_3.2.x86_64" }, "product_reference": "polkit-libs-debuginfo-0:0.115-11.el8_3.2.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.7" }, { "category": "default_component_of", "full_product_name": { "name": "python3-kuryr-kubernetes-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch as a component of Red Hat OpenShift Container Platform 4.7", "product_id": "8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch" }, "product_reference": "python3-kuryr-kubernetes-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.7" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Kevin Backhouse" ], "organization": "GitHub Security Lab" } ], "cve": "CVE-2021-3560", "cwe": { "id": "CWE-754", "name": "Improper Check for Unusual or Exceptional Conditions" }, "discovery_date": "2021-05-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1961710" } ], "notes": [ { "category": "description", "text": "It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "polkit: local privilege escalation using polkit_system_bus_name_get_creds_sync()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.src", "7Server-RH7-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "7Server-RH7-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.src", "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.src", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:dhcp-12:4.3.6-41.el8_3.1.src", "8Base-RHOSE-4.7:dhcp-client-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-client-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-common-12:4.3.6-41.el8_3.1.noarch", "8Base-RHOSE-4.7:dhcp-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-debugsource-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-libs-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-libs-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-relay-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-server-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.ppc64le", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.s390x", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.src", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202106232224.p0.git.c7654fb.el8.src", "8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:polkit-0:0.115-11.el8_3.2.src", "8Base-RHOSE-4.7:polkit-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-debuginfo-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-debugsource-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-libs-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-libs-debuginfo-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3560" }, { "category": "external", "summary": "RHBZ#1961710", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961710" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3560", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3560" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3560", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3560" }, { "category": "external", "summary": "https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/", "url": "https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2021-06-03T06:55:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-07-06T11:31:17+00:00", "details": "For OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html", "product_ids": [ "7Server-RH7-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.src", "7Server-RH7-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "7Server-RH7-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.src", "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.src", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:dhcp-12:4.3.6-41.el8_3.1.src", "8Base-RHOSE-4.7:dhcp-client-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-client-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-common-12:4.3.6-41.el8_3.1.noarch", "8Base-RHOSE-4.7:dhcp-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-debugsource-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-libs-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-libs-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-relay-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-server-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.ppc64le", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.s390x", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.src", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202106232224.p0.git.c7654fb.el8.src", "8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:polkit-0:0.115-11.el8_3.2.src", "8Base-RHOSE-4.7:polkit-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-debuginfo-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-debugsource-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-libs-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-libs-debuginfo-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2555" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.", "product_ids": [ "7Server-RH7-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.src", "7Server-RH7-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "7Server-RH7-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.src", "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.src", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:dhcp-12:4.3.6-41.el8_3.1.src", "8Base-RHOSE-4.7:dhcp-client-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-client-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-common-12:4.3.6-41.el8_3.1.noarch", "8Base-RHOSE-4.7:dhcp-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-debugsource-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-libs-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-libs-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-relay-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-server-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.ppc64le", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.s390x", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.src", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202106232224.p0.git.c7654fb.el8.src", "8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:polkit-0:0.115-11.el8_3.2.src", "8Base-RHOSE-4.7:polkit-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-debuginfo-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-debugsource-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-libs-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-libs-debuginfo-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.src", "7Server-RH7-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "7Server-RH7-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.src", "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.src", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:dhcp-12:4.3.6-41.el8_3.1.src", "8Base-RHOSE-4.7:dhcp-client-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-client-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-common-12:4.3.6-41.el8_3.1.noarch", "8Base-RHOSE-4.7:dhcp-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-debugsource-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-libs-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-libs-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-relay-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-server-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.ppc64le", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.s390x", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.src", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202106232224.p0.git.c7654fb.el8.src", "8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:polkit-0:0.115-11.el8_3.2.src", "8Base-RHOSE-4.7:polkit-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-debuginfo-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-debugsource-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-libs-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-libs-debuginfo-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch" ] } ], "threats": [ { "category": "exploit_status", "date": "2023-05-12T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Important" } ], "title": "polkit: local privilege escalation using polkit_system_bus_name_get_creds_sync()" }, { "cve": "CVE-2021-25217", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2021-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1963258" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Dynamic Host Configuration Protocol (DHCP). There is a discrepancy between the code that handles encapsulated option information in leases transmitted \"on the wire\" and the code which reads and parses lease information after it has been written to disk storage. This flaw allows an attacker to deliberately cause a situation where dhcpd while running in DHCPv4 or DHCPv6 mode, or the dhclient attempts to read a stored lease that contains option information, to trigger a stack-based buffer overflow in the option parsing code for colon-separated hex digits values. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient", "title": "Vulnerability summary" }, { "category": "other", "text": "To abuse this flaw an attacker has to be on the same local sub-net of the victim machine. An attacker may send crafted DHCP messages with long lease statements that, when stored locally on file and then re-read by dhclient or dhcpd, might trigger the bug.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.src", "7Server-RH7-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "7Server-RH7-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.src", "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.src", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:dhcp-12:4.3.6-41.el8_3.1.src", "8Base-RHOSE-4.7:dhcp-client-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-client-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-common-12:4.3.6-41.el8_3.1.noarch", "8Base-RHOSE-4.7:dhcp-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-debugsource-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-libs-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-libs-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-relay-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-server-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.ppc64le", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.s390x", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.src", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202106232224.p0.git.c7654fb.el8.src", "8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:polkit-0:0.115-11.el8_3.2.src", "8Base-RHOSE-4.7:polkit-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-debuginfo-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-debugsource-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-libs-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-libs-debuginfo-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-25217" }, { "category": "external", "summary": "RHBZ#1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-25217", "url": "https://www.cve.org/CVERecord?id=CVE-2021-25217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217" }, { "category": "external", "summary": "https://kb.isc.org/docs/cve-2021-25217", "url": "https://kb.isc.org/docs/cve-2021-25217" } ], "release_date": "2021-05-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-07-06T11:31:17+00:00", "details": "For OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html", "product_ids": [ "7Server-RH7-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.src", "7Server-RH7-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "7Server-RH7-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.src", "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.src", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:dhcp-12:4.3.6-41.el8_3.1.src", "8Base-RHOSE-4.7:dhcp-client-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-client-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-common-12:4.3.6-41.el8_3.1.noarch", "8Base-RHOSE-4.7:dhcp-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-debugsource-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-libs-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-libs-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-relay-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-server-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.ppc64le", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.s390x", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.src", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202106232224.p0.git.c7654fb.el8.src", "8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:polkit-0:0.115-11.el8_3.2.src", "8Base-RHOSE-4.7:polkit-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-debuginfo-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-debugsource-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-libs-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-libs-debuginfo-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2555" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.src", "7Server-RH7-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "7Server-RH7-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el7.x86_64", "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.src", "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el7.x86_64", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.src", "8Base-RHOSE-4.7:cri-o-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-debuginfo-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.ppc64le", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.s390x", "8Base-RHOSE-4.7:cri-o-debugsource-0:1.20.3-6.rhaos4.7.git0d0f863.el8.x86_64", "8Base-RHOSE-4.7:dhcp-12:4.3.6-41.el8_3.1.src", "8Base-RHOSE-4.7:dhcp-client-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-client-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-common-12:4.3.6-41.el8_3.1.noarch", "8Base-RHOSE-4.7:dhcp-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-debugsource-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-libs-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-libs-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-relay-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:dhcp-server-debuginfo-12:4.3.6-41.el8_3.1.x86_64", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.ppc64le", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.s390x", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.src", "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202106252127.p0.git.8b4b094.el8.x86_64", "8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202106232224.p0.git.c7654fb.el8.src", "8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch", "8Base-RHOSE-4.7:polkit-0:0.115-11.el8_3.2.src", "8Base-RHOSE-4.7:polkit-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-debuginfo-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-debugsource-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-libs-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:polkit-libs-debuginfo-0:0.115-11.el8_3.2.x86_64", "8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202106232224.p0.git.c7654fb.el8.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient" } ] }
rhsa-2021_2418
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for dhcp is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:2418", "url": "https://access.redhat.com/errata/RHSA-2021:2418" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2418.json" } ], "title": "Red Hat Security Advisory: dhcp security update", "tracking": { "current_release_date": "2024-11-15T11:51:26+00:00", "generator": { "date": "2024-11-15T11:51:26+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:2418", "initial_release_date": "2021-06-14T19:33:00+00:00", "revision_history": [ { "date": "2021-06-14T19:33:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-06-14T19:33:00+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T11:51:26+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Server AUS (v. 7.2)", "product": { "name": "Red Hat Enterprise Linux Server AUS (v. 7.2)", "product_id": "7Server-7.2.AUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_aus:7.2::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", "product": { "name": "Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", "product_id": "7Server-optional-7.2.AUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_aus:7.2::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "dhclient-12:4.2.5-42.el7_2.2.x86_64", "product": { "name": "dhclient-12:4.2.5-42.el7_2.2.x86_64", "product_id": "dhclient-12:4.2.5-42.el7_2.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhclient@4.2.5-42.el7_2.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-12:4.2.5-42.el7_2.2.x86_64", "product": { "name": "dhcp-12:4.2.5-42.el7_2.2.x86_64", "product_id": "dhcp-12:4.2.5-42.el7_2.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-42.el7_2.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-common-12:4.2.5-42.el7_2.2.x86_64", "product": { "name": "dhcp-common-12:4.2.5-42.el7_2.2.x86_64", "product_id": "dhcp-common-12:4.2.5-42.el7_2.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.2.5-42.el7_2.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.2.5-42.el7_2.2.x86_64", "product": { "name": "dhcp-libs-12:4.2.5-42.el7_2.2.x86_64", "product_id": "dhcp-libs-12:4.2.5-42.el7_2.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-42.el7_2.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-42.el7_2.2.x86_64", "product": { "name": "dhcp-debuginfo-12:4.2.5-42.el7_2.2.x86_64", "product_id": "dhcp-debuginfo-12:4.2.5-42.el7_2.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-42.el7_2.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-42.el7_2.2.x86_64", "product": { "name": "dhcp-devel-12:4.2.5-42.el7_2.2.x86_64", "product_id": "dhcp-devel-12:4.2.5-42.el7_2.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-42.el7_2.2?arch=x86_64\u0026epoch=12" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "dhcp-libs-12:4.2.5-42.el7_2.2.i686", "product": { "name": "dhcp-libs-12:4.2.5-42.el7_2.2.i686", "product_id": "dhcp-libs-12:4.2.5-42.el7_2.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-42.el7_2.2?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-42.el7_2.2.i686", "product": { "name": "dhcp-debuginfo-12:4.2.5-42.el7_2.2.i686", "product_id": "dhcp-debuginfo-12:4.2.5-42.el7_2.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-42.el7_2.2?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-42.el7_2.2.i686", "product": { "name": "dhcp-devel-12:4.2.5-42.el7_2.2.i686", "product_id": "dhcp-devel-12:4.2.5-42.el7_2.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-42.el7_2.2?arch=i686\u0026epoch=12" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "dhcp-12:4.2.5-42.el7_2.2.src", "product": { "name": "dhcp-12:4.2.5-42.el7_2.2.src", "product_id": "dhcp-12:4.2.5-42.el7_2.2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-42.el7_2.2?arch=src\u0026epoch=12" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-42.el7_2.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", "product_id": "7Server-7.2.AUS:dhclient-12:4.2.5-42.el7_2.2.x86_64" }, "product_reference": "dhclient-12:4.2.5-42.el7_2.2.x86_64", "relates_to_product_reference": "7Server-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-42.el7_2.2.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", "product_id": "7Server-7.2.AUS:dhcp-12:4.2.5-42.el7_2.2.src" }, "product_reference": "dhcp-12:4.2.5-42.el7_2.2.src", "relates_to_product_reference": "7Server-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-42.el7_2.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", "product_id": "7Server-7.2.AUS:dhcp-12:4.2.5-42.el7_2.2.x86_64" }, "product_reference": "dhcp-12:4.2.5-42.el7_2.2.x86_64", "relates_to_product_reference": "7Server-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-42.el7_2.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", "product_id": "7Server-7.2.AUS:dhcp-common-12:4.2.5-42.el7_2.2.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-42.el7_2.2.x86_64", "relates_to_product_reference": "7Server-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-42.el7_2.2.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", "product_id": "7Server-7.2.AUS:dhcp-debuginfo-12:4.2.5-42.el7_2.2.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-42.el7_2.2.i686", "relates_to_product_reference": "7Server-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-42.el7_2.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", "product_id": "7Server-7.2.AUS:dhcp-debuginfo-12:4.2.5-42.el7_2.2.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-42.el7_2.2.x86_64", "relates_to_product_reference": "7Server-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-42.el7_2.2.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", "product_id": "7Server-7.2.AUS:dhcp-devel-12:4.2.5-42.el7_2.2.i686" }, "product_reference": "dhcp-devel-12:4.2.5-42.el7_2.2.i686", "relates_to_product_reference": "7Server-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-42.el7_2.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", "product_id": "7Server-7.2.AUS:dhcp-devel-12:4.2.5-42.el7_2.2.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-42.el7_2.2.x86_64", "relates_to_product_reference": "7Server-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-42.el7_2.2.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", "product_id": "7Server-7.2.AUS:dhcp-libs-12:4.2.5-42.el7_2.2.i686" }, "product_reference": "dhcp-libs-12:4.2.5-42.el7_2.2.i686", "relates_to_product_reference": "7Server-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-42.el7_2.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", "product_id": "7Server-7.2.AUS:dhcp-libs-12:4.2.5-42.el7_2.2.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-42.el7_2.2.x86_64", "relates_to_product_reference": "7Server-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-42.el7_2.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", "product_id": "7Server-optional-7.2.AUS:dhclient-12:4.2.5-42.el7_2.2.x86_64" }, "product_reference": "dhclient-12:4.2.5-42.el7_2.2.x86_64", "relates_to_product_reference": "7Server-optional-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-42.el7_2.2.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", "product_id": "7Server-optional-7.2.AUS:dhcp-12:4.2.5-42.el7_2.2.src" }, "product_reference": "dhcp-12:4.2.5-42.el7_2.2.src", "relates_to_product_reference": "7Server-optional-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-42.el7_2.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", "product_id": "7Server-optional-7.2.AUS:dhcp-12:4.2.5-42.el7_2.2.x86_64" }, "product_reference": "dhcp-12:4.2.5-42.el7_2.2.x86_64", "relates_to_product_reference": "7Server-optional-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-42.el7_2.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", "product_id": "7Server-optional-7.2.AUS:dhcp-common-12:4.2.5-42.el7_2.2.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-42.el7_2.2.x86_64", "relates_to_product_reference": "7Server-optional-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-42.el7_2.2.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", "product_id": "7Server-optional-7.2.AUS:dhcp-debuginfo-12:4.2.5-42.el7_2.2.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-42.el7_2.2.i686", "relates_to_product_reference": "7Server-optional-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-42.el7_2.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", "product_id": "7Server-optional-7.2.AUS:dhcp-debuginfo-12:4.2.5-42.el7_2.2.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-42.el7_2.2.x86_64", "relates_to_product_reference": "7Server-optional-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-42.el7_2.2.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", "product_id": "7Server-optional-7.2.AUS:dhcp-devel-12:4.2.5-42.el7_2.2.i686" }, "product_reference": "dhcp-devel-12:4.2.5-42.el7_2.2.i686", "relates_to_product_reference": "7Server-optional-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-42.el7_2.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", "product_id": "7Server-optional-7.2.AUS:dhcp-devel-12:4.2.5-42.el7_2.2.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-42.el7_2.2.x86_64", "relates_to_product_reference": "7Server-optional-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-42.el7_2.2.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", "product_id": "7Server-optional-7.2.AUS:dhcp-libs-12:4.2.5-42.el7_2.2.i686" }, "product_reference": "dhcp-libs-12:4.2.5-42.el7_2.2.i686", "relates_to_product_reference": "7Server-optional-7.2.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-42.el7_2.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", "product_id": "7Server-optional-7.2.AUS:dhcp-libs-12:4.2.5-42.el7_2.2.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-42.el7_2.2.x86_64", "relates_to_product_reference": "7Server-optional-7.2.AUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-25217", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2021-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1963258" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Dynamic Host Configuration Protocol (DHCP). There is a discrepancy between the code that handles encapsulated option information in leases transmitted \"on the wire\" and the code which reads and parses lease information after it has been written to disk storage. This flaw allows an attacker to deliberately cause a situation where dhcpd while running in DHCPv4 or DHCPv6 mode, or the dhclient attempts to read a stored lease that contains option information, to trigger a stack-based buffer overflow in the option parsing code for colon-separated hex digits values. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient", "title": "Vulnerability summary" }, { "category": "other", "text": "To abuse this flaw an attacker has to be on the same local sub-net of the victim machine. An attacker may send crafted DHCP messages with long lease statements that, when stored locally on file and then re-read by dhclient or dhcpd, might trigger the bug.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-7.2.AUS:dhclient-12:4.2.5-42.el7_2.2.x86_64", "7Server-7.2.AUS:dhcp-12:4.2.5-42.el7_2.2.src", "7Server-7.2.AUS:dhcp-12:4.2.5-42.el7_2.2.x86_64", "7Server-7.2.AUS:dhcp-common-12:4.2.5-42.el7_2.2.x86_64", "7Server-7.2.AUS:dhcp-debuginfo-12:4.2.5-42.el7_2.2.i686", "7Server-7.2.AUS:dhcp-debuginfo-12:4.2.5-42.el7_2.2.x86_64", "7Server-7.2.AUS:dhcp-devel-12:4.2.5-42.el7_2.2.i686", "7Server-7.2.AUS:dhcp-devel-12:4.2.5-42.el7_2.2.x86_64", "7Server-7.2.AUS:dhcp-libs-12:4.2.5-42.el7_2.2.i686", "7Server-7.2.AUS:dhcp-libs-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhclient-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhcp-12:4.2.5-42.el7_2.2.src", "7Server-optional-7.2.AUS:dhcp-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhcp-common-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhcp-debuginfo-12:4.2.5-42.el7_2.2.i686", "7Server-optional-7.2.AUS:dhcp-debuginfo-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhcp-devel-12:4.2.5-42.el7_2.2.i686", "7Server-optional-7.2.AUS:dhcp-devel-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhcp-libs-12:4.2.5-42.el7_2.2.i686", "7Server-optional-7.2.AUS:dhcp-libs-12:4.2.5-42.el7_2.2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-25217" }, { "category": "external", "summary": "RHBZ#1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-25217", "url": "https://www.cve.org/CVERecord?id=CVE-2021-25217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217" }, { "category": "external", "summary": "https://kb.isc.org/docs/cve-2021-25217", "url": "https://kb.isc.org/docs/cve-2021-25217" } ], "release_date": "2021-05-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-06-14T19:33:00+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-7.2.AUS:dhclient-12:4.2.5-42.el7_2.2.x86_64", "7Server-7.2.AUS:dhcp-12:4.2.5-42.el7_2.2.src", "7Server-7.2.AUS:dhcp-12:4.2.5-42.el7_2.2.x86_64", "7Server-7.2.AUS:dhcp-common-12:4.2.5-42.el7_2.2.x86_64", "7Server-7.2.AUS:dhcp-debuginfo-12:4.2.5-42.el7_2.2.i686", "7Server-7.2.AUS:dhcp-debuginfo-12:4.2.5-42.el7_2.2.x86_64", "7Server-7.2.AUS:dhcp-devel-12:4.2.5-42.el7_2.2.i686", "7Server-7.2.AUS:dhcp-devel-12:4.2.5-42.el7_2.2.x86_64", "7Server-7.2.AUS:dhcp-libs-12:4.2.5-42.el7_2.2.i686", "7Server-7.2.AUS:dhcp-libs-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhclient-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhcp-12:4.2.5-42.el7_2.2.src", "7Server-optional-7.2.AUS:dhcp-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhcp-common-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhcp-debuginfo-12:4.2.5-42.el7_2.2.i686", "7Server-optional-7.2.AUS:dhcp-debuginfo-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhcp-devel-12:4.2.5-42.el7_2.2.i686", "7Server-optional-7.2.AUS:dhcp-devel-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhcp-libs-12:4.2.5-42.el7_2.2.i686", "7Server-optional-7.2.AUS:dhcp-libs-12:4.2.5-42.el7_2.2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2418" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-7.2.AUS:dhclient-12:4.2.5-42.el7_2.2.x86_64", "7Server-7.2.AUS:dhcp-12:4.2.5-42.el7_2.2.src", "7Server-7.2.AUS:dhcp-12:4.2.5-42.el7_2.2.x86_64", "7Server-7.2.AUS:dhcp-common-12:4.2.5-42.el7_2.2.x86_64", "7Server-7.2.AUS:dhcp-debuginfo-12:4.2.5-42.el7_2.2.i686", "7Server-7.2.AUS:dhcp-debuginfo-12:4.2.5-42.el7_2.2.x86_64", "7Server-7.2.AUS:dhcp-devel-12:4.2.5-42.el7_2.2.i686", "7Server-7.2.AUS:dhcp-devel-12:4.2.5-42.el7_2.2.x86_64", "7Server-7.2.AUS:dhcp-libs-12:4.2.5-42.el7_2.2.i686", "7Server-7.2.AUS:dhcp-libs-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhclient-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhcp-12:4.2.5-42.el7_2.2.src", "7Server-optional-7.2.AUS:dhcp-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhcp-common-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhcp-debuginfo-12:4.2.5-42.el7_2.2.i686", "7Server-optional-7.2.AUS:dhcp-debuginfo-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhcp-devel-12:4.2.5-42.el7_2.2.i686", "7Server-optional-7.2.AUS:dhcp-devel-12:4.2.5-42.el7_2.2.x86_64", "7Server-optional-7.2.AUS:dhcp-libs-12:4.2.5-42.el7_2.2.i686", "7Server-optional-7.2.AUS:dhcp-libs-12:4.2.5-42.el7_2.2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient" } ] }
rhsa-2021_2414
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for dhcp is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:2414", "url": "https://access.redhat.com/errata/RHSA-2021:2414" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2414.json" } ], "title": "Red Hat Security Advisory: dhcp security update", "tracking": { "current_release_date": "2024-11-15T11:51:52+00:00", "generator": { "date": "2024-11-15T11:51:52+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:2414", "initial_release_date": "2021-06-14T19:57:26+00:00", "revision_history": [ { "date": "2021-06-14T19:57:26+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-06-14T19:57:26+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T11:51:52+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Server AUS (v. 7.4)", "product": { "name": "Red Hat Enterprise Linux Server AUS (v. 7.4)", "product_id": "7Server-7.4.AUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_aus:7.4::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", "product": { "name": "Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", "product_id": "7Server-optional-7.4.AUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_aus:7.4::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server E4S (v. 7.4)", "product": { "name": "Red Hat Enterprise Linux Server E4S (v. 7.4)", "product_id": "7Server-7.4.E4S", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_e4s:7.4::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product": { "name": "Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product_id": "7Server-optional-7.4.E4S", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_e4s:7.4::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server TUS (v. 7.4)", "product": { "name": "Red Hat Enterprise Linux Server TUS (v. 7.4)", "product_id": "7Server-7.4.TUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_tus:7.4::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", "product": { "name": "Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", "product_id": "7Server-optional-7.4.TUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_tus:7.4::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "dhclient-12:4.2.5-58.el7_4.5.x86_64", "product": { "name": "dhclient-12:4.2.5-58.el7_4.5.x86_64", "product_id": "dhclient-12:4.2.5-58.el7_4.5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhclient@4.2.5-58.el7_4.5?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-12:4.2.5-58.el7_4.5.x86_64", "product": { "name": "dhcp-12:4.2.5-58.el7_4.5.x86_64", "product_id": "dhcp-12:4.2.5-58.el7_4.5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-58.el7_4.5?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "product": { "name": "dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "product_id": "dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.2.5-58.el7_4.5?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "product": { "name": "dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "product_id": "dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-58.el7_4.5?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "product": { "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "product_id": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-58.el7_4.5?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "product": { "name": "dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "product_id": "dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-58.el7_4.5?arch=x86_64\u0026epoch=12" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "dhcp-libs-12:4.2.5-58.el7_4.5.i686", "product": { "name": "dhcp-libs-12:4.2.5-58.el7_4.5.i686", "product_id": "dhcp-libs-12:4.2.5-58.el7_4.5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-58.el7_4.5?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "product": { "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "product_id": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-58.el7_4.5?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-58.el7_4.5.i686", "product": { "name": "dhcp-devel-12:4.2.5-58.el7_4.5.i686", "product_id": "dhcp-devel-12:4.2.5-58.el7_4.5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-58.el7_4.5?arch=i686\u0026epoch=12" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "dhcp-12:4.2.5-58.el7_4.5.src", "product": { "name": "dhcp-12:4.2.5-58.el7_4.5.src", "product_id": "dhcp-12:4.2.5-58.el7_4.5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-58.el7_4.5?arch=src\u0026epoch=12" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "dhclient-12:4.2.5-58.el7_4.5.ppc64le", "product": { "name": "dhclient-12:4.2.5-58.el7_4.5.ppc64le", "product_id": "dhclient-12:4.2.5-58.el7_4.5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhclient@4.2.5-58.el7_4.5?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-12:4.2.5-58.el7_4.5.ppc64le", "product": { "name": "dhcp-12:4.2.5-58.el7_4.5.ppc64le", "product_id": "dhcp-12:4.2.5-58.el7_4.5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-58.el7_4.5?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-common-12:4.2.5-58.el7_4.5.ppc64le", "product": { "name": "dhcp-common-12:4.2.5-58.el7_4.5.ppc64le", "product_id": "dhcp-common-12:4.2.5-58.el7_4.5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.2.5-58.el7_4.5?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.2.5-58.el7_4.5.ppc64le", "product": { "name": "dhcp-libs-12:4.2.5-58.el7_4.5.ppc64le", "product_id": "dhcp-libs-12:4.2.5-58.el7_4.5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-58.el7_4.5?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.ppc64le", "product": { "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.ppc64le", "product_id": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-58.el7_4.5?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-58.el7_4.5.ppc64le", "product": { "name": "dhcp-devel-12:4.2.5-58.el7_4.5.ppc64le", "product_id": "dhcp-devel-12:4.2.5-58.el7_4.5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-58.el7_4.5?arch=ppc64le\u0026epoch=12" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", "product_id": "7Server-7.4.AUS:dhclient-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhclient-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-58.el7_4.5.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", "product_id": "7Server-7.4.AUS:dhcp-12:4.2.5-58.el7_4.5.src" }, "product_reference": "dhcp-12:4.2.5-58.el7_4.5.src", "relates_to_product_reference": "7Server-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", "product_id": "7Server-7.4.AUS:dhcp-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", "product_id": "7Server-7.4.AUS:dhcp-common-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", "product_id": "7Server-7.4.AUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", "product_id": "7Server-7.4.AUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", "product_id": "7Server-7.4.AUS:dhcp-devel-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-devel-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", "product_id": "7Server-7.4.AUS:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", "product_id": "7Server-7.4.AUS:dhcp-libs-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-libs-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", "product_id": "7Server-7.4.AUS:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-58.el7_4.5.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", "product_id": "7Server-7.4.E4S:dhclient-12:4.2.5-58.el7_4.5.ppc64le" }, "product_reference": "dhclient-12:4.2.5-58.el7_4.5.ppc64le", "relates_to_product_reference": "7Server-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", "product_id": "7Server-7.4.E4S:dhclient-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhclient-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-58.el7_4.5.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", "product_id": "7Server-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.ppc64le" }, "product_reference": "dhcp-12:4.2.5-58.el7_4.5.ppc64le", "relates_to_product_reference": "7Server-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-58.el7_4.5.src as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", "product_id": "7Server-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.src" }, "product_reference": "dhcp-12:4.2.5-58.el7_4.5.src", "relates_to_product_reference": "7Server-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", "product_id": "7Server-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-58.el7_4.5.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", "product_id": "7Server-7.4.E4S:dhcp-common-12:4.2.5-58.el7_4.5.ppc64le" }, "product_reference": "dhcp-common-12:4.2.5-58.el7_4.5.ppc64le", "relates_to_product_reference": "7Server-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", "product_id": "7Server-7.4.E4S:dhcp-common-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", "product_id": "7Server-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", "product_id": "7Server-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.ppc64le", "relates_to_product_reference": "7Server-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", "product_id": "7Server-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", "product_id": "7Server-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-devel-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-58.el7_4.5.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", "product_id": "7Server-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.ppc64le" }, "product_reference": "dhcp-devel-12:4.2.5-58.el7_4.5.ppc64le", "relates_to_product_reference": "7Server-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", "product_id": "7Server-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", "product_id": "7Server-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-libs-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-58.el7_4.5.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", "product_id": "7Server-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.ppc64le" }, "product_reference": "dhcp-libs-12:4.2.5-58.el7_4.5.ppc64le", "relates_to_product_reference": "7Server-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", "product_id": "7Server-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", "product_id": "7Server-7.4.TUS:dhclient-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhclient-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-58.el7_4.5.src as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", "product_id": "7Server-7.4.TUS:dhcp-12:4.2.5-58.el7_4.5.src" }, "product_reference": "dhcp-12:4.2.5-58.el7_4.5.src", "relates_to_product_reference": "7Server-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", "product_id": "7Server-7.4.TUS:dhcp-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", "product_id": "7Server-7.4.TUS:dhcp-common-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", "product_id": "7Server-7.4.TUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", "product_id": "7Server-7.4.TUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", "product_id": "7Server-7.4.TUS:dhcp-devel-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-devel-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", "product_id": "7Server-7.4.TUS:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", "product_id": "7Server-7.4.TUS:dhcp-libs-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-libs-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", "product_id": "7Server-7.4.TUS:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", "product_id": "7Server-optional-7.4.AUS:dhclient-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhclient-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-58.el7_4.5.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", "product_id": "7Server-optional-7.4.AUS:dhcp-12:4.2.5-58.el7_4.5.src" }, "product_reference": "dhcp-12:4.2.5-58.el7_4.5.src", "relates_to_product_reference": "7Server-optional-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", "product_id": "7Server-optional-7.4.AUS:dhcp-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", "product_id": "7Server-optional-7.4.AUS:dhcp-common-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", "product_id": "7Server-optional-7.4.AUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-optional-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", "product_id": "7Server-optional-7.4.AUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", "product_id": "7Server-optional-7.4.AUS:dhcp-devel-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-devel-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-optional-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", "product_id": "7Server-optional-7.4.AUS:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", "product_id": "7Server-optional-7.4.AUS:dhcp-libs-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-libs-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-optional-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", "product_id": "7Server-optional-7.4.AUS:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-58.el7_4.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product_id": "7Server-optional-7.4.E4S:dhclient-12:4.2.5-58.el7_4.5.ppc64le" }, "product_reference": "dhclient-12:4.2.5-58.el7_4.5.ppc64le", "relates_to_product_reference": "7Server-optional-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product_id": "7Server-optional-7.4.E4S:dhclient-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhclient-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-58.el7_4.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product_id": "7Server-optional-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.ppc64le" }, "product_reference": "dhcp-12:4.2.5-58.el7_4.5.ppc64le", "relates_to_product_reference": "7Server-optional-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-58.el7_4.5.src as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product_id": "7Server-optional-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.src" }, "product_reference": "dhcp-12:4.2.5-58.el7_4.5.src", "relates_to_product_reference": "7Server-optional-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product_id": "7Server-optional-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-58.el7_4.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product_id": "7Server-optional-7.4.E4S:dhcp-common-12:4.2.5-58.el7_4.5.ppc64le" }, "product_reference": "dhcp-common-12:4.2.5-58.el7_4.5.ppc64le", "relates_to_product_reference": "7Server-optional-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product_id": "7Server-optional-7.4.E4S:dhcp-common-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product_id": "7Server-optional-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-optional-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product_id": "7Server-optional-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.ppc64le", "relates_to_product_reference": "7Server-optional-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product_id": "7Server-optional-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product_id": "7Server-optional-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-devel-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-optional-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-58.el7_4.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product_id": "7Server-optional-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.ppc64le" }, "product_reference": "dhcp-devel-12:4.2.5-58.el7_4.5.ppc64le", "relates_to_product_reference": "7Server-optional-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product_id": "7Server-optional-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product_id": "7Server-optional-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-libs-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-optional-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-58.el7_4.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product_id": "7Server-optional-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.ppc64le" }, "product_reference": "dhcp-libs-12:4.2.5-58.el7_4.5.ppc64le", "relates_to_product_reference": "7Server-optional-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", "product_id": "7Server-optional-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", "product_id": "7Server-optional-7.4.TUS:dhclient-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhclient-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-58.el7_4.5.src as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", "product_id": "7Server-optional-7.4.TUS:dhcp-12:4.2.5-58.el7_4.5.src" }, "product_reference": "dhcp-12:4.2.5-58.el7_4.5.src", "relates_to_product_reference": "7Server-optional-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", "product_id": "7Server-optional-7.4.TUS:dhcp-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", "product_id": "7Server-optional-7.4.TUS:dhcp-common-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", "product_id": "7Server-optional-7.4.TUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-optional-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", "product_id": "7Server-optional-7.4.TUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", "product_id": "7Server-optional-7.4.TUS:dhcp-devel-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-devel-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-optional-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", "product_id": "7Server-optional-7.4.TUS:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-58.el7_4.5.i686 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", "product_id": "7Server-optional-7.4.TUS:dhcp-libs-12:4.2.5-58.el7_4.5.i686" }, "product_reference": "dhcp-libs-12:4.2.5-58.el7_4.5.i686", "relates_to_product_reference": "7Server-optional-7.4.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-58.el7_4.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", "product_id": "7Server-optional-7.4.TUS:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "relates_to_product_reference": "7Server-optional-7.4.TUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-25217", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2021-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1963258" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Dynamic Host Configuration Protocol (DHCP). There is a discrepancy between the code that handles encapsulated option information in leases transmitted \"on the wire\" and the code which reads and parses lease information after it has been written to disk storage. This flaw allows an attacker to deliberately cause a situation where dhcpd while running in DHCPv4 or DHCPv6 mode, or the dhclient attempts to read a stored lease that contains option information, to trigger a stack-based buffer overflow in the option parsing code for colon-separated hex digits values. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient", "title": "Vulnerability summary" }, { "category": "other", "text": "To abuse this flaw an attacker has to be on the same local sub-net of the victim machine. An attacker may send crafted DHCP messages with long lease statements that, when stored locally on file and then re-read by dhclient or dhcpd, might trigger the bug.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-7.4.AUS:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.AUS:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-7.4.AUS:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.AUS:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.AUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.AUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.AUS:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.AUS:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.AUS:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.AUS:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhclient-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhcp-common-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-7.4.TUS:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.TUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.TUS:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.TUS:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-optional-7.4.AUS:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.AUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.AUS:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.AUS:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhclient-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-optional-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhcp-common-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-optional-7.4.TUS:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.TUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.TUS:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.TUS:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-25217" }, { "category": "external", "summary": "RHBZ#1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-25217", "url": "https://www.cve.org/CVERecord?id=CVE-2021-25217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217" }, { "category": "external", "summary": "https://kb.isc.org/docs/cve-2021-25217", "url": "https://kb.isc.org/docs/cve-2021-25217" } ], "release_date": "2021-05-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-06-14T19:57:26+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-7.4.AUS:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.AUS:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-7.4.AUS:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.AUS:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.AUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.AUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.AUS:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.AUS:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.AUS:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.AUS:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhclient-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhcp-common-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-7.4.TUS:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.TUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.TUS:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.TUS:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-optional-7.4.AUS:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.AUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.AUS:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.AUS:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhclient-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-optional-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhcp-common-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-optional-7.4.TUS:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.TUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.TUS:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.TUS:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2414" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-7.4.AUS:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.AUS:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-7.4.AUS:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.AUS:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.AUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.AUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.AUS:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.AUS:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.AUS:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.AUS:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhclient-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhcp-common-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.ppc64le", "7Server-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-7.4.TUS:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.TUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.TUS:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-7.4.TUS:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-7.4.TUS:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-optional-7.4.AUS:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.AUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.AUS:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.AUS:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.AUS:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhclient-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-optional-7.4.E4S:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhcp-common-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.ppc64le", "7Server-optional-7.4.E4S:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhclient-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhcp-12:4.2.5-58.el7_4.5.src", "7Server-optional-7.4.TUS:dhcp-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhcp-common-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.TUS:dhcp-debuginfo-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhcp-devel-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.TUS:dhcp-devel-12:4.2.5-58.el7_4.5.x86_64", "7Server-optional-7.4.TUS:dhcp-libs-12:4.2.5-58.el7_4.5.i686", "7Server-optional-7.4.TUS:dhcp-libs-12:4.2.5-58.el7_4.5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient" } ] }
rhsa-2021_2405
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for dhcp is now available for Red Hat Enterprise Linux 7.7 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:2405", "url": "https://access.redhat.com/errata/RHSA-2021:2405" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2405.json" } ], "title": "Red Hat Security Advisory: dhcp security update", "tracking": { "current_release_date": "2024-11-15T11:51:19+00:00", "generator": { "date": "2024-11-15T11:51:19+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:2405", "initial_release_date": "2021-06-14T14:53:20+00:00", "revision_history": [ { "date": "2021-06-14T14:53:20+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-06-14T14:53:20+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T11:51:19+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product": { "name": "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_eus:7.7::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product": { "name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_eus:7.7::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server EUS (v. 7.7)", "product": { "name": "Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_eus:7.7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product": { "name": "Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_eus:7.7::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "dhclient-12:4.2.5-77.el7_7.1.x86_64", "product": { "name": "dhclient-12:4.2.5-77.el7_7.1.x86_64", "product_id": "dhclient-12:4.2.5-77.el7_7.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhclient@4.2.5-77.el7_7.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "product": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "product_id": "dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.2.5-77.el7_7.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.2.5-77.el7_7.1.x86_64", "product": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.x86_64", "product_id": "dhcp-libs-12:4.2.5-77.el7_7.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-77.el7_7.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "product": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "product_id": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-77.el7_7.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-12:4.2.5-77.el7_7.1.x86_64", "product": { "name": "dhcp-12:4.2.5-77.el7_7.1.x86_64", "product_id": "dhcp-12:4.2.5-77.el7_7.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-77.el7_7.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "product": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "product_id": "dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-77.el7_7.1?arch=x86_64\u0026epoch=12" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "dhcp-libs-12:4.2.5-77.el7_7.1.i686", "product": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.i686", "product_id": "dhcp-libs-12:4.2.5-77.el7_7.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-77.el7_7.1?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "product": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "product_id": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-77.el7_7.1?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-77.el7_7.1.i686", "product": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.i686", "product_id": "dhcp-devel-12:4.2.5-77.el7_7.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-77.el7_7.1?arch=i686\u0026epoch=12" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "dhcp-12:4.2.5-77.el7_7.1.src", "product": { "name": "dhcp-12:4.2.5-77.el7_7.1.src", "product_id": "dhcp-12:4.2.5-77.el7_7.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-77.el7_7.1?arch=src\u0026epoch=12" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "dhclient-12:4.2.5-77.el7_7.1.ppc64le", "product": { "name": "dhclient-12:4.2.5-77.el7_7.1.ppc64le", "product_id": "dhclient-12:4.2.5-77.el7_7.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhclient@4.2.5-77.el7_7.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-12:4.2.5-77.el7_7.1.ppc64le", "product": { "name": "dhcp-12:4.2.5-77.el7_7.1.ppc64le", "product_id": "dhcp-12:4.2.5-77.el7_7.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-77.el7_7.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "product": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "product_id": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.2.5-77.el7_7.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "product": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "product_id": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-77.el7_7.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "product": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "product_id": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-77.el7_7.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "product": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "product_id": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-77.el7_7.1?arch=ppc64le\u0026epoch=12" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "dhclient-12:4.2.5-77.el7_7.1.ppc64", "product": { "name": "dhclient-12:4.2.5-77.el7_7.1.ppc64", "product_id": "dhclient-12:4.2.5-77.el7_7.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhclient@4.2.5-77.el7_7.1?arch=ppc64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-12:4.2.5-77.el7_7.1.ppc64", "product": { "name": "dhcp-12:4.2.5-77.el7_7.1.ppc64", "product_id": "dhcp-12:4.2.5-77.el7_7.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-77.el7_7.1?arch=ppc64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "product": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "product_id": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.2.5-77.el7_7.1?arch=ppc64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "product": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "product_id": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-77.el7_7.1?arch=ppc64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "product": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "product_id": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-77.el7_7.1?arch=ppc64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "product": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "product_id": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-77.el7_7.1?arch=ppc64\u0026epoch=12" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "product": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "product_id": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-77.el7_7.1?arch=ppc\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "product": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "product_id": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-77.el7_7.1?arch=ppc\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "product": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "product_id": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-77.el7_7.1?arch=ppc\u0026epoch=12" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "dhclient-12:4.2.5-77.el7_7.1.s390x", "product": { "name": "dhclient-12:4.2.5-77.el7_7.1.s390x", "product_id": "dhclient-12:4.2.5-77.el7_7.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhclient@4.2.5-77.el7_7.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-12:4.2.5-77.el7_7.1.s390x", "product": { "name": "dhcp-12:4.2.5-77.el7_7.1.s390x", "product_id": "dhcp-12:4.2.5-77.el7_7.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-77.el7_7.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-common-12:4.2.5-77.el7_7.1.s390x", "product": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.s390x", "product_id": "dhcp-common-12:4.2.5-77.el7_7.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.2.5-77.el7_7.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "product": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "product_id": "dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-77.el7_7.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "product": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "product_id": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-77.el7_7.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "product": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "product_id": "dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-77.el7_7.1?arch=s390x\u0026epoch=12" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "dhcp-libs-12:4.2.5-77.el7_7.1.s390", "product": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.s390", "product_id": "dhcp-libs-12:4.2.5-77.el7_7.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-77.el7_7.1?arch=s390\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "product": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "product_id": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-77.el7_7.1?arch=s390\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-77.el7_7.1.s390", "product": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.s390", "product_id": "dhcp-devel-12:4.2.5-77.el7_7.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-77.el7_7.1?arch=s390\u0026epoch=12" } } } ], "category": "architecture", "name": "s390" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhclient-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhclient-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhclient-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhclient-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.src" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.src", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-common-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.i686 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.i686" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.i686", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.s390 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.s390", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.i686 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.i686" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.i686", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.s390 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.s390", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", "product_id": "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7ComputeNode-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhclient-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhclient-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhclient-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhclient-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.src" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.src", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-common-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.i686" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.i686", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.s390", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.i686" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.i686", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.s390", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", "product_id": "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhclient-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhclient-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhclient-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhclient-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.src" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.src", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-common-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.i686" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.i686", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.s390 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.s390", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.i686" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.i686", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.s390 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.s390", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7Server-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhclient-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhclient-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhclient-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhclient-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.src" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.src", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-common-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.i686 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.i686" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.i686", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.s390 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.s390", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.i686 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.i686" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.i686", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.s390 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.s390", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390x" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "relates_to_product_reference": "7Server-optional-7.7.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-77.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", "product_id": "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-77.el7_7.1.x86_64", "relates_to_product_reference": "7Server-optional-7.7.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-25217", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2021-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1963258" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Dynamic Host Configuration Protocol (DHCP). There is a discrepancy between the code that handles encapsulated option information in leases transmitted \"on the wire\" and the code which reads and parses lease information after it has been written to disk storage. This flaw allows an attacker to deliberately cause a situation where dhcpd while running in DHCPv4 or DHCPv6 mode, or the dhclient attempts to read a stored lease that contains option information, to trigger a stack-based buffer overflow in the option parsing code for colon-separated hex digits values. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient", "title": "Vulnerability summary" }, { "category": "other", "text": "To abuse this flaw an attacker has to be on the same local sub-net of the victim machine. An attacker may send crafted DHCP messages with long lease statements that, when stored locally on file and then re-read by dhclient or dhcpd, might trigger the bug.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7ComputeNode-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.src", "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.src", "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.src", "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.i686", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.i686", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.src", "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.i686", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.i686", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-25217" }, { "category": "external", "summary": "RHBZ#1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-25217", "url": "https://www.cve.org/CVERecord?id=CVE-2021-25217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217" }, { "category": "external", "summary": "https://kb.isc.org/docs/cve-2021-25217", "url": "https://kb.isc.org/docs/cve-2021-25217" } ], "release_date": "2021-05-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-06-14T14:53:20+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7ComputeNode-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.src", "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.src", "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.src", "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.i686", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.i686", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.src", "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.i686", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.i686", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2405" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7ComputeNode-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.src", "7ComputeNode-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.src", "7ComputeNode-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.i686", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "7ComputeNode-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.src", "7Server-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.i686", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.i686", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "7Server-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhclient-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.src", "7Server-optional-7.7.EUS:dhcp-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhcp-common-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.i686", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhcp-debuginfo-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.i686", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhcp-devel-12:4.2.5-77.el7_7.1.x86_64", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.i686", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.ppc64le", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.s390x", "7Server-optional-7.7.EUS:dhcp-libs-12:4.2.5-77.el7_7.1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient" } ] }
rhsa-2021_2419
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for dhcp is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:2419", "url": "https://access.redhat.com/errata/RHSA-2021:2419" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2419.json" } ], "title": "Red Hat Security Advisory: dhcp security update", "tracking": { "current_release_date": "2024-11-15T11:51:58+00:00", "generator": { "date": "2024-11-15T11:51:58+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:2419", "initial_release_date": "2021-06-15T13:39:23+00:00", "revision_history": [ { "date": "2021-06-15T13:39:23+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-06-15T13:39:23+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T11:51:58+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 6 ELS)", "product": { "name": "Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_els:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_els:6" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "dhclient-12:4.1.1-64.P1.el6_10.x86_64", "product": { "name": "dhclient-12:4.1.1-64.P1.el6_10.x86_64", "product_id": "dhclient-12:4.1.1-64.P1.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhclient@4.1.1-64.P1.el6_10?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-12:4.1.1-64.P1.el6_10.x86_64", "product": { "name": "dhcp-12:4.1.1-64.P1.el6_10.x86_64", "product_id": "dhcp-12:4.1.1-64.P1.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.1.1-64.P1.el6_10?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-common-12:4.1.1-64.P1.el6_10.x86_64", "product": { "name": "dhcp-common-12:4.1.1-64.P1.el6_10.x86_64", "product_id": "dhcp-common-12:4.1.1-64.P1.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.1.1-64.P1.el6_10?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.x86_64", "product": { "name": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.x86_64", "product_id": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.1.1-64.P1.el6_10?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.1.1-64.P1.el6_10.x86_64", "product": { "name": "dhcp-devel-12:4.1.1-64.P1.el6_10.x86_64", "product_id": "dhcp-devel-12:4.1.1-64.P1.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.1.1-64.P1.el6_10?arch=x86_64\u0026epoch=12" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "dhclient-12:4.1.1-64.P1.el6_10.i686", "product": { "name": "dhclient-12:4.1.1-64.P1.el6_10.i686", "product_id": "dhclient-12:4.1.1-64.P1.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhclient@4.1.1-64.P1.el6_10?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-12:4.1.1-64.P1.el6_10.i686", "product": { "name": "dhcp-12:4.1.1-64.P1.el6_10.i686", "product_id": "dhcp-12:4.1.1-64.P1.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.1.1-64.P1.el6_10?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-common-12:4.1.1-64.P1.el6_10.i686", "product": { "name": "dhcp-common-12:4.1.1-64.P1.el6_10.i686", "product_id": "dhcp-common-12:4.1.1-64.P1.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.1.1-64.P1.el6_10?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.i686", "product": { "name": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.i686", "product_id": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.1.1-64.P1.el6_10?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.1.1-64.P1.el6_10.i686", "product": { "name": "dhcp-devel-12:4.1.1-64.P1.el6_10.i686", "product_id": "dhcp-devel-12:4.1.1-64.P1.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.1.1-64.P1.el6_10?arch=i686\u0026epoch=12" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "dhclient-12:4.1.1-64.P1.el6_10.s390x", "product": { "name": "dhclient-12:4.1.1-64.P1.el6_10.s390x", "product_id": "dhclient-12:4.1.1-64.P1.el6_10.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhclient@4.1.1-64.P1.el6_10?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-12:4.1.1-64.P1.el6_10.s390x", "product": { "name": "dhcp-12:4.1.1-64.P1.el6_10.s390x", "product_id": "dhcp-12:4.1.1-64.P1.el6_10.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.1.1-64.P1.el6_10?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-common-12:4.1.1-64.P1.el6_10.s390x", "product": { "name": "dhcp-common-12:4.1.1-64.P1.el6_10.s390x", "product_id": "dhcp-common-12:4.1.1-64.P1.el6_10.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.1.1-64.P1.el6_10?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390x", "product": { "name": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390x", "product_id": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.1.1-64.P1.el6_10?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.1.1-64.P1.el6_10.s390x", "product": { "name": "dhcp-devel-12:4.1.1-64.P1.el6_10.s390x", "product_id": "dhcp-devel-12:4.1.1-64.P1.el6_10.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.1.1-64.P1.el6_10?arch=s390x\u0026epoch=12" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "dhcp-12:4.1.1-64.P1.el6_10.src", "product": { "name": "dhcp-12:4.1.1-64.P1.el6_10.src", "product_id": "dhcp-12:4.1.1-64.P1.el6_10.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.1.1-64.P1.el6_10?arch=src\u0026epoch=12" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "dhcp-devel-12:4.1.1-64.P1.el6_10.s390", "product": { "name": "dhcp-devel-12:4.1.1-64.P1.el6_10.s390", "product_id": "dhcp-devel-12:4.1.1-64.P1.el6_10.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.1.1-64.P1.el6_10?arch=s390\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390", "product": { "name": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390", "product_id": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.1.1-64.P1.el6_10?arch=s390\u0026epoch=12" } } } ], "category": "architecture", "name": "s390" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.1.1-64.P1.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhclient-12:4.1.1-64.P1.el6_10.i686" }, "product_reference": "dhclient-12:4.1.1-64.P1.el6_10.i686", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.1.1-64.P1.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhclient-12:4.1.1-64.P1.el6_10.s390x" }, "product_reference": "dhclient-12:4.1.1-64.P1.el6_10.s390x", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.1.1-64.P1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhclient-12:4.1.1-64.P1.el6_10.x86_64" }, "product_reference": "dhclient-12:4.1.1-64.P1.el6_10.x86_64", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.1.1-64.P1.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhcp-12:4.1.1-64.P1.el6_10.i686" }, "product_reference": "dhcp-12:4.1.1-64.P1.el6_10.i686", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.1.1-64.P1.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhcp-12:4.1.1-64.P1.el6_10.s390x" }, "product_reference": "dhcp-12:4.1.1-64.P1.el6_10.s390x", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.1.1-64.P1.el6_10.src as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhcp-12:4.1.1-64.P1.el6_10.src" }, "product_reference": "dhcp-12:4.1.1-64.P1.el6_10.src", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.1.1-64.P1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhcp-12:4.1.1-64.P1.el6_10.x86_64" }, "product_reference": "dhcp-12:4.1.1-64.P1.el6_10.x86_64", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.1.1-64.P1.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.i686" }, "product_reference": "dhcp-common-12:4.1.1-64.P1.el6_10.i686", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.1.1-64.P1.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.s390x" }, "product_reference": "dhcp-common-12:4.1.1-64.P1.el6_10.s390x", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.1.1-64.P1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.x86_64" }, "product_reference": "dhcp-common-12:4.1.1-64.P1.el6_10.x86_64", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.i686" }, "product_reference": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.i686", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390" }, "product_reference": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390x" }, "product_reference": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390x", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.x86_64", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.1.1-64.P1.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.i686" }, "product_reference": "dhcp-devel-12:4.1.1-64.P1.el6_10.i686", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.1.1-64.P1.el6_10.s390 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.s390" }, "product_reference": "dhcp-devel-12:4.1.1-64.P1.el6_10.s390", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.1.1-64.P1.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.s390x" }, "product_reference": "dhcp-devel-12:4.1.1-64.P1.el6_10.s390x", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.1.1-64.P1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.x86_64" }, "product_reference": "dhcp-devel-12:4.1.1-64.P1.el6_10.x86_64", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.1.1-64.P1.el6_10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhclient-12:4.1.1-64.P1.el6_10.i686" }, "product_reference": "dhclient-12:4.1.1-64.P1.el6_10.i686", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.1.1-64.P1.el6_10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhclient-12:4.1.1-64.P1.el6_10.s390x" }, "product_reference": "dhclient-12:4.1.1-64.P1.el6_10.s390x", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.1.1-64.P1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhclient-12:4.1.1-64.P1.el6_10.x86_64" }, "product_reference": "dhclient-12:4.1.1-64.P1.el6_10.x86_64", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.1.1-64.P1.el6_10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhcp-12:4.1.1-64.P1.el6_10.i686" }, "product_reference": "dhcp-12:4.1.1-64.P1.el6_10.i686", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.1.1-64.P1.el6_10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhcp-12:4.1.1-64.P1.el6_10.s390x" }, "product_reference": "dhcp-12:4.1.1-64.P1.el6_10.s390x", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.1.1-64.P1.el6_10.src as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhcp-12:4.1.1-64.P1.el6_10.src" }, "product_reference": "dhcp-12:4.1.1-64.P1.el6_10.src", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.1.1-64.P1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhcp-12:4.1.1-64.P1.el6_10.x86_64" }, "product_reference": "dhcp-12:4.1.1-64.P1.el6_10.x86_64", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.1.1-64.P1.el6_10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.i686" }, "product_reference": "dhcp-common-12:4.1.1-64.P1.el6_10.i686", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.1.1-64.P1.el6_10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.s390x" }, "product_reference": "dhcp-common-12:4.1.1-64.P1.el6_10.s390x", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.1.1-64.P1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.x86_64" }, "product_reference": "dhcp-common-12:4.1.1-64.P1.el6_10.x86_64", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.i686" }, "product_reference": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.i686", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390" }, "product_reference": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390x" }, "product_reference": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390x", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.1.1-64.P1.el6_10.x86_64", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.1.1-64.P1.el6_10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.i686" }, "product_reference": "dhcp-devel-12:4.1.1-64.P1.el6_10.i686", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.1.1-64.P1.el6_10.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.s390" }, "product_reference": "dhcp-devel-12:4.1.1-64.P1.el6_10.s390", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.1.1-64.P1.el6_10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.s390x" }, "product_reference": "dhcp-devel-12:4.1.1-64.P1.el6_10.s390x", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.1.1-64.P1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.x86_64" }, "product_reference": "dhcp-devel-12:4.1.1-64.P1.el6_10.x86_64", "relates_to_product_reference": "6Server-optional-ELS" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-25217", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2021-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1963258" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Dynamic Host Configuration Protocol (DHCP). There is a discrepancy between the code that handles encapsulated option information in leases transmitted \"on the wire\" and the code which reads and parses lease information after it has been written to disk storage. This flaw allows an attacker to deliberately cause a situation where dhcpd while running in DHCPv4 or DHCPv6 mode, or the dhclient attempts to read a stored lease that contains option information, to trigger a stack-based buffer overflow in the option parsing code for colon-separated hex digits values. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient", "title": "Vulnerability summary" }, { "category": "other", "text": "To abuse this flaw an attacker has to be on the same local sub-net of the victim machine. An attacker may send crafted DHCP messages with long lease statements that, when stored locally on file and then re-read by dhclient or dhcpd, might trigger the bug.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-ELS:dhclient-12:4.1.1-64.P1.el6_10.i686", "6Server-ELS:dhclient-12:4.1.1-64.P1.el6_10.s390x", "6Server-ELS:dhclient-12:4.1.1-64.P1.el6_10.x86_64", "6Server-ELS:dhcp-12:4.1.1-64.P1.el6_10.i686", "6Server-ELS:dhcp-12:4.1.1-64.P1.el6_10.s390x", "6Server-ELS:dhcp-12:4.1.1-64.P1.el6_10.src", "6Server-ELS:dhcp-12:4.1.1-64.P1.el6_10.x86_64", "6Server-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.i686", "6Server-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.s390x", "6Server-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.x86_64", "6Server-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.i686", "6Server-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390", "6Server-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390x", "6Server-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.x86_64", "6Server-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.i686", "6Server-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.s390", "6Server-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.s390x", "6Server-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.x86_64", "6Server-optional-ELS:dhclient-12:4.1.1-64.P1.el6_10.i686", "6Server-optional-ELS:dhclient-12:4.1.1-64.P1.el6_10.s390x", "6Server-optional-ELS:dhclient-12:4.1.1-64.P1.el6_10.x86_64", "6Server-optional-ELS:dhcp-12:4.1.1-64.P1.el6_10.i686", "6Server-optional-ELS:dhcp-12:4.1.1-64.P1.el6_10.s390x", "6Server-optional-ELS:dhcp-12:4.1.1-64.P1.el6_10.src", "6Server-optional-ELS:dhcp-12:4.1.1-64.P1.el6_10.x86_64", "6Server-optional-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.i686", "6Server-optional-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.s390x", "6Server-optional-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.x86_64", "6Server-optional-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.i686", "6Server-optional-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390", "6Server-optional-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390x", "6Server-optional-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.x86_64", "6Server-optional-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.i686", "6Server-optional-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.s390", "6Server-optional-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.s390x", "6Server-optional-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-25217" }, { "category": "external", "summary": "RHBZ#1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-25217", "url": "https://www.cve.org/CVERecord?id=CVE-2021-25217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217" }, { "category": "external", "summary": "https://kb.isc.org/docs/cve-2021-25217", "url": "https://kb.isc.org/docs/cve-2021-25217" } ], "release_date": "2021-05-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-06-15T13:39:23+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-ELS:dhclient-12:4.1.1-64.P1.el6_10.i686", "6Server-ELS:dhclient-12:4.1.1-64.P1.el6_10.s390x", "6Server-ELS:dhclient-12:4.1.1-64.P1.el6_10.x86_64", "6Server-ELS:dhcp-12:4.1.1-64.P1.el6_10.i686", "6Server-ELS:dhcp-12:4.1.1-64.P1.el6_10.s390x", "6Server-ELS:dhcp-12:4.1.1-64.P1.el6_10.src", "6Server-ELS:dhcp-12:4.1.1-64.P1.el6_10.x86_64", "6Server-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.i686", "6Server-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.s390x", "6Server-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.x86_64", "6Server-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.i686", "6Server-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390", "6Server-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390x", "6Server-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.x86_64", "6Server-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.i686", "6Server-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.s390", "6Server-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.s390x", "6Server-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.x86_64", "6Server-optional-ELS:dhclient-12:4.1.1-64.P1.el6_10.i686", "6Server-optional-ELS:dhclient-12:4.1.1-64.P1.el6_10.s390x", "6Server-optional-ELS:dhclient-12:4.1.1-64.P1.el6_10.x86_64", "6Server-optional-ELS:dhcp-12:4.1.1-64.P1.el6_10.i686", "6Server-optional-ELS:dhcp-12:4.1.1-64.P1.el6_10.s390x", "6Server-optional-ELS:dhcp-12:4.1.1-64.P1.el6_10.src", "6Server-optional-ELS:dhcp-12:4.1.1-64.P1.el6_10.x86_64", "6Server-optional-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.i686", "6Server-optional-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.s390x", "6Server-optional-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.x86_64", "6Server-optional-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.i686", "6Server-optional-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390", "6Server-optional-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390x", "6Server-optional-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.x86_64", "6Server-optional-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.i686", "6Server-optional-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.s390", "6Server-optional-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.s390x", "6Server-optional-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2419" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "6Server-ELS:dhclient-12:4.1.1-64.P1.el6_10.i686", "6Server-ELS:dhclient-12:4.1.1-64.P1.el6_10.s390x", "6Server-ELS:dhclient-12:4.1.1-64.P1.el6_10.x86_64", "6Server-ELS:dhcp-12:4.1.1-64.P1.el6_10.i686", "6Server-ELS:dhcp-12:4.1.1-64.P1.el6_10.s390x", "6Server-ELS:dhcp-12:4.1.1-64.P1.el6_10.src", "6Server-ELS:dhcp-12:4.1.1-64.P1.el6_10.x86_64", "6Server-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.i686", "6Server-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.s390x", "6Server-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.x86_64", "6Server-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.i686", "6Server-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390", "6Server-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390x", "6Server-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.x86_64", "6Server-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.i686", "6Server-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.s390", "6Server-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.s390x", "6Server-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.x86_64", "6Server-optional-ELS:dhclient-12:4.1.1-64.P1.el6_10.i686", "6Server-optional-ELS:dhclient-12:4.1.1-64.P1.el6_10.s390x", "6Server-optional-ELS:dhclient-12:4.1.1-64.P1.el6_10.x86_64", "6Server-optional-ELS:dhcp-12:4.1.1-64.P1.el6_10.i686", "6Server-optional-ELS:dhcp-12:4.1.1-64.P1.el6_10.s390x", "6Server-optional-ELS:dhcp-12:4.1.1-64.P1.el6_10.src", "6Server-optional-ELS:dhcp-12:4.1.1-64.P1.el6_10.x86_64", "6Server-optional-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.i686", "6Server-optional-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.s390x", "6Server-optional-ELS:dhcp-common-12:4.1.1-64.P1.el6_10.x86_64", "6Server-optional-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.i686", "6Server-optional-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390", "6Server-optional-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.s390x", "6Server-optional-ELS:dhcp-debuginfo-12:4.1.1-64.P1.el6_10.x86_64", "6Server-optional-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.i686", "6Server-optional-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.s390", "6Server-optional-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.s390x", "6Server-optional-ELS:dhcp-devel-12:4.1.1-64.P1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient" } ] }
rhsa-2021_2420
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for dhcp is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:2420", "url": "https://access.redhat.com/errata/RHSA-2021:2420" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2420.json" } ], "title": "Red Hat Security Advisory: dhcp security update", "tracking": { "current_release_date": "2024-11-15T11:51:45+00:00", "generator": { "date": "2024-11-15T11:51:45+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:2420", "initial_release_date": "2021-06-14T21:01:53+00:00", "revision_history": [ { "date": "2021-06-14T21:01:53+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-06-14T21:01:53+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T11:51:45+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product": { "name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_eus:8.2::baseos" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "dhcp-12:4.3.6-40.el8_2.2.src", "product": { "name": "dhcp-12:4.3.6-40.el8_2.2.src", "product_id": "dhcp-12:4.3.6-40.el8_2.2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.3.6-40.el8_2.2?arch=src\u0026epoch=12" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "dhcp-client-12:4.3.6-40.el8_2.2.aarch64", "product": { "name": "dhcp-client-12:4.3.6-40.el8_2.2.aarch64", "product_id": "dhcp-client-12:4.3.6-40.el8_2.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client@4.3.6-40.el8_2.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.3.6-40.el8_2.2.aarch64", "product": { "name": "dhcp-libs-12:4.3.6-40.el8_2.2.aarch64", "product_id": "dhcp-libs-12:4.3.6-40.el8_2.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.3.6-40.el8_2.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-12:4.3.6-40.el8_2.2.aarch64", "product": { "name": "dhcp-relay-12:4.3.6-40.el8_2.2.aarch64", "product_id": "dhcp-relay-12:4.3.6-40.el8_2.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay@4.3.6-40.el8_2.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-12:4.3.6-40.el8_2.2.aarch64", "product": { "name": "dhcp-server-12:4.3.6-40.el8_2.2.aarch64", "product_id": "dhcp-server-12:4.3.6-40.el8_2.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server@4.3.6-40.el8_2.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debugsource-12:4.3.6-40.el8_2.2.aarch64", "product": { "name": "dhcp-debugsource-12:4.3.6-40.el8_2.2.aarch64", "product_id": "dhcp-debugsource-12:4.3.6-40.el8_2.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debugsource@4.3.6-40.el8_2.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "product": { "name": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "product_id": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client-debuginfo@4.3.6-40.el8_2.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "product": { "name": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "product_id": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.3.6-40.el8_2.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "product": { "name": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "product_id": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs-debuginfo@4.3.6-40.el8_2.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "product": { "name": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "product_id": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay-debuginfo@4.3.6-40.el8_2.2?arch=aarch64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "product": { "name": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "product_id": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server-debuginfo@4.3.6-40.el8_2.2?arch=aarch64\u0026epoch=12" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "dhcp-client-12:4.3.6-40.el8_2.2.ppc64le", "product": { "name": "dhcp-client-12:4.3.6-40.el8_2.2.ppc64le", "product_id": "dhcp-client-12:4.3.6-40.el8_2.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client@4.3.6-40.el8_2.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.3.6-40.el8_2.2.ppc64le", "product": { "name": "dhcp-libs-12:4.3.6-40.el8_2.2.ppc64le", "product_id": "dhcp-libs-12:4.3.6-40.el8_2.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.3.6-40.el8_2.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-12:4.3.6-40.el8_2.2.ppc64le", "product": { "name": "dhcp-relay-12:4.3.6-40.el8_2.2.ppc64le", "product_id": "dhcp-relay-12:4.3.6-40.el8_2.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay@4.3.6-40.el8_2.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-12:4.3.6-40.el8_2.2.ppc64le", "product": { "name": "dhcp-server-12:4.3.6-40.el8_2.2.ppc64le", "product_id": "dhcp-server-12:4.3.6-40.el8_2.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server@4.3.6-40.el8_2.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debugsource-12:4.3.6-40.el8_2.2.ppc64le", "product": { "name": "dhcp-debugsource-12:4.3.6-40.el8_2.2.ppc64le", "product_id": "dhcp-debugsource-12:4.3.6-40.el8_2.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debugsource@4.3.6-40.el8_2.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "product": { "name": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "product_id": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client-debuginfo@4.3.6-40.el8_2.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "product": { "name": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "product_id": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.3.6-40.el8_2.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "product": { "name": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "product_id": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs-debuginfo@4.3.6-40.el8_2.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "product": { "name": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "product_id": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay-debuginfo@4.3.6-40.el8_2.2?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "product": { "name": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "product_id": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server-debuginfo@4.3.6-40.el8_2.2?arch=ppc64le\u0026epoch=12" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "dhcp-client-12:4.3.6-40.el8_2.2.x86_64", "product": { "name": "dhcp-client-12:4.3.6-40.el8_2.2.x86_64", "product_id": "dhcp-client-12:4.3.6-40.el8_2.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client@4.3.6-40.el8_2.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.3.6-40.el8_2.2.x86_64", "product": { "name": "dhcp-libs-12:4.3.6-40.el8_2.2.x86_64", "product_id": "dhcp-libs-12:4.3.6-40.el8_2.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.3.6-40.el8_2.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-12:4.3.6-40.el8_2.2.x86_64", "product": { "name": "dhcp-relay-12:4.3.6-40.el8_2.2.x86_64", "product_id": "dhcp-relay-12:4.3.6-40.el8_2.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay@4.3.6-40.el8_2.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-12:4.3.6-40.el8_2.2.x86_64", "product": { "name": "dhcp-server-12:4.3.6-40.el8_2.2.x86_64", "product_id": "dhcp-server-12:4.3.6-40.el8_2.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server@4.3.6-40.el8_2.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debugsource-12:4.3.6-40.el8_2.2.x86_64", "product": { "name": "dhcp-debugsource-12:4.3.6-40.el8_2.2.x86_64", "product_id": "dhcp-debugsource-12:4.3.6-40.el8_2.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debugsource@4.3.6-40.el8_2.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "product": { "name": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "product_id": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client-debuginfo@4.3.6-40.el8_2.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "product": { "name": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "product_id": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.3.6-40.el8_2.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "product": { "name": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "product_id": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs-debuginfo@4.3.6-40.el8_2.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "product": { "name": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "product_id": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay-debuginfo@4.3.6-40.el8_2.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "product": { "name": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "product_id": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server-debuginfo@4.3.6-40.el8_2.2?arch=x86_64\u0026epoch=12" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "dhcp-libs-12:4.3.6-40.el8_2.2.i686", "product": { "name": "dhcp-libs-12:4.3.6-40.el8_2.2.i686", "product_id": "dhcp-libs-12:4.3.6-40.el8_2.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.3.6-40.el8_2.2?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debugsource-12:4.3.6-40.el8_2.2.i686", "product": { "name": "dhcp-debugsource-12:4.3.6-40.el8_2.2.i686", "product_id": "dhcp-debugsource-12:4.3.6-40.el8_2.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debugsource@4.3.6-40.el8_2.2?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.i686", "product": { "name": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.i686", "product_id": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client-debuginfo@4.3.6-40.el8_2.2?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.i686", "product": { "name": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.i686", "product_id": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.3.6-40.el8_2.2?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.i686", "product": { "name": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.i686", "product_id": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs-debuginfo@4.3.6-40.el8_2.2?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.i686", "product": { "name": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.i686", "product_id": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay-debuginfo@4.3.6-40.el8_2.2?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.i686", "product": { "name": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.i686", "product_id": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server-debuginfo@4.3.6-40.el8_2.2?arch=i686\u0026epoch=12" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "dhcp-client-12:4.3.6-40.el8_2.2.s390x", "product": { "name": "dhcp-client-12:4.3.6-40.el8_2.2.s390x", "product_id": "dhcp-client-12:4.3.6-40.el8_2.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client@4.3.6-40.el8_2.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.3.6-40.el8_2.2.s390x", "product": { "name": "dhcp-libs-12:4.3.6-40.el8_2.2.s390x", "product_id": "dhcp-libs-12:4.3.6-40.el8_2.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.3.6-40.el8_2.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-12:4.3.6-40.el8_2.2.s390x", "product": { "name": "dhcp-relay-12:4.3.6-40.el8_2.2.s390x", "product_id": "dhcp-relay-12:4.3.6-40.el8_2.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay@4.3.6-40.el8_2.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-12:4.3.6-40.el8_2.2.s390x", "product": { "name": "dhcp-server-12:4.3.6-40.el8_2.2.s390x", "product_id": "dhcp-server-12:4.3.6-40.el8_2.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server@4.3.6-40.el8_2.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debugsource-12:4.3.6-40.el8_2.2.s390x", "product": { "name": "dhcp-debugsource-12:4.3.6-40.el8_2.2.s390x", "product_id": "dhcp-debugsource-12:4.3.6-40.el8_2.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debugsource@4.3.6-40.el8_2.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.s390x", "product": { "name": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.s390x", "product_id": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-client-debuginfo@4.3.6-40.el8_2.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.s390x", "product": { "name": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.s390x", "product_id": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.3.6-40.el8_2.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.s390x", "product": { "name": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.s390x", "product_id": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs-debuginfo@4.3.6-40.el8_2.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.s390x", "product": { "name": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.s390x", "product_id": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-relay-debuginfo@4.3.6-40.el8_2.2?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.s390x", "product": { "name": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.s390x", "product_id": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-server-debuginfo@4.3.6-40.el8_2.2?arch=s390x\u0026epoch=12" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "dhcp-common-12:4.3.6-40.el8_2.2.noarch", "product": { "name": "dhcp-common-12:4.3.6-40.el8_2.2.noarch", "product_id": "dhcp-common-12:4.3.6-40.el8_2.2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.3.6-40.el8_2.2?arch=noarch\u0026epoch=12" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.3.6-40.el8_2.2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-12:4.3.6-40.el8_2.2.src" }, "product_reference": "dhcp-12:4.3.6-40.el8_2.2.src", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-12:4.3.6-40.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-client-12:4.3.6-40.el8_2.2.aarch64" }, "product_reference": "dhcp-client-12:4.3.6-40.el8_2.2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-12:4.3.6-40.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-client-12:4.3.6-40.el8_2.2.ppc64le" }, "product_reference": "dhcp-client-12:4.3.6-40.el8_2.2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-12:4.3.6-40.el8_2.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-client-12:4.3.6-40.el8_2.2.s390x" }, "product_reference": "dhcp-client-12:4.3.6-40.el8_2.2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-12:4.3.6-40.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-client-12:4.3.6-40.el8_2.2.x86_64" }, "product_reference": "dhcp-client-12:4.3.6-40.el8_2.2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.aarch64" }, "product_reference": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.i686" }, "product_reference": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.i686", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.ppc64le" }, "product_reference": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.s390x" }, "product_reference": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.x86_64" }, "product_reference": "dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.3.6-40.el8_2.2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-common-12:4.3.6-40.el8_2.2.noarch" }, "product_reference": "dhcp-common-12:4.3.6-40.el8_2.2.noarch", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.aarch64" }, "product_reference": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.i686" }, "product_reference": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.i686", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.s390x" }, "product_reference": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debugsource-12:4.3.6-40.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.aarch64" }, "product_reference": "dhcp-debugsource-12:4.3.6-40.el8_2.2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debugsource-12:4.3.6-40.el8_2.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.i686" }, "product_reference": "dhcp-debugsource-12:4.3.6-40.el8_2.2.i686", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debugsource-12:4.3.6-40.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.ppc64le" }, "product_reference": "dhcp-debugsource-12:4.3.6-40.el8_2.2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debugsource-12:4.3.6-40.el8_2.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.s390x" }, "product_reference": "dhcp-debugsource-12:4.3.6-40.el8_2.2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debugsource-12:4.3.6-40.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.x86_64" }, "product_reference": "dhcp-debugsource-12:4.3.6-40.el8_2.2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.3.6-40.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.aarch64" }, "product_reference": "dhcp-libs-12:4.3.6-40.el8_2.2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.3.6-40.el8_2.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.i686" }, "product_reference": "dhcp-libs-12:4.3.6-40.el8_2.2.i686", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.3.6-40.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.ppc64le" }, "product_reference": "dhcp-libs-12:4.3.6-40.el8_2.2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.3.6-40.el8_2.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.s390x" }, "product_reference": "dhcp-libs-12:4.3.6-40.el8_2.2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.3.6-40.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.x86_64" }, "product_reference": "dhcp-libs-12:4.3.6-40.el8_2.2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.aarch64" }, "product_reference": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.i686" }, "product_reference": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.i686", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.ppc64le" }, "product_reference": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.s390x" }, "product_reference": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.x86_64" }, "product_reference": "dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-12:4.3.6-40.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-relay-12:4.3.6-40.el8_2.2.aarch64" }, "product_reference": "dhcp-relay-12:4.3.6-40.el8_2.2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-12:4.3.6-40.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-relay-12:4.3.6-40.el8_2.2.ppc64le" }, "product_reference": "dhcp-relay-12:4.3.6-40.el8_2.2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-12:4.3.6-40.el8_2.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-relay-12:4.3.6-40.el8_2.2.s390x" }, "product_reference": "dhcp-relay-12:4.3.6-40.el8_2.2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-12:4.3.6-40.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-relay-12:4.3.6-40.el8_2.2.x86_64" }, "product_reference": "dhcp-relay-12:4.3.6-40.el8_2.2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.aarch64" }, "product_reference": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.i686" }, "product_reference": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.i686", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.ppc64le" }, "product_reference": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.s390x" }, "product_reference": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.x86_64" }, "product_reference": "dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-12:4.3.6-40.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-server-12:4.3.6-40.el8_2.2.aarch64" }, "product_reference": "dhcp-server-12:4.3.6-40.el8_2.2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-12:4.3.6-40.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-server-12:4.3.6-40.el8_2.2.ppc64le" }, "product_reference": "dhcp-server-12:4.3.6-40.el8_2.2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-12:4.3.6-40.el8_2.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-server-12:4.3.6-40.el8_2.2.s390x" }, "product_reference": "dhcp-server-12:4.3.6-40.el8_2.2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-12:4.3.6-40.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-server-12:4.3.6-40.el8_2.2.x86_64" }, "product_reference": "dhcp-server-12:4.3.6-40.el8_2.2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.aarch64" }, "product_reference": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.i686" }, "product_reference": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.i686", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.ppc64le" }, "product_reference": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.s390x" }, "product_reference": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.x86_64" }, "product_reference": "dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-25217", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2021-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1963258" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Dynamic Host Configuration Protocol (DHCP). There is a discrepancy between the code that handles encapsulated option information in leases transmitted \"on the wire\" and the code which reads and parses lease information after it has been written to disk storage. This flaw allows an attacker to deliberately cause a situation where dhcpd while running in DHCPv4 or DHCPv6 mode, or the dhclient attempts to read a stored lease that contains option information, to trigger a stack-based buffer overflow in the option parsing code for colon-separated hex digits values. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient", "title": "Vulnerability summary" }, { "category": "other", "text": "To abuse this flaw an attacker has to be on the same local sub-net of the victim machine. An attacker may send crafted DHCP messages with long lease statements that, when stored locally on file and then re-read by dhclient or dhcpd, might trigger the bug.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.2.0.Z.EUS:dhcp-12:4.3.6-40.el8_2.2.src", "BaseOS-8.2.0.Z.EUS:dhcp-client-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-client-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-client-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-client-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-common-12:4.3.6-40.el8_2.2.noarch", "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-relay-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-relay-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-relay-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-relay-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-server-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-server-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-server-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-server-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-25217" }, { "category": "external", "summary": "RHBZ#1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-25217", "url": "https://www.cve.org/CVERecord?id=CVE-2021-25217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217" }, { "category": "external", "summary": "https://kb.isc.org/docs/cve-2021-25217", "url": "https://kb.isc.org/docs/cve-2021-25217" } ], "release_date": "2021-05-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-06-14T21:01:53+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "BaseOS-8.2.0.Z.EUS:dhcp-12:4.3.6-40.el8_2.2.src", "BaseOS-8.2.0.Z.EUS:dhcp-client-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-client-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-client-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-client-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-common-12:4.3.6-40.el8_2.2.noarch", "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-relay-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-relay-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-relay-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-relay-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-server-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-server-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-server-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-server-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2420" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "BaseOS-8.2.0.Z.EUS:dhcp-12:4.3.6-40.el8_2.2.src", "BaseOS-8.2.0.Z.EUS:dhcp-client-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-client-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-client-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-client-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-client-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-common-12:4.3.6-40.el8_2.2.noarch", "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-debugsource-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-libs-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-libs-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-relay-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-relay-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-relay-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-relay-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-relay-debuginfo-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-server-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-server-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-server-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-server-12:4.3.6-40.el8_2.2.x86_64", "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.aarch64", "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.i686", "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.ppc64le", "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.s390x", "BaseOS-8.2.0.Z.EUS:dhcp-server-debuginfo-12:4.3.6-40.el8_2.2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient" } ] }
rhsa-2021_2415
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for dhcp is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:2415", "url": "https://access.redhat.com/errata/RHSA-2021:2415" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2415.json" } ], "title": "Red Hat Security Advisory: dhcp security update", "tracking": { "current_release_date": "2024-11-15T11:51:32+00:00", "generator": { "date": "2024-11-15T11:51:32+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:2415", "initial_release_date": "2021-06-14T19:35:46+00:00", "revision_history": [ { "date": "2021-06-14T19:35:46+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-06-14T19:35:46+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T11:51:32+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Server AUS (v. 7.3)", "product": { "name": "Red Hat Enterprise Linux Server AUS (v. 7.3)", "product_id": "7Server-7.3.AUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_aus:7.3::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", "product": { "name": "Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", "product_id": "7Server-optional-7.3.AUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_aus:7.3::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "dhclient-12:4.2.5-47.el7_3.2.x86_64", "product": { "name": "dhclient-12:4.2.5-47.el7_3.2.x86_64", "product_id": "dhclient-12:4.2.5-47.el7_3.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhclient@4.2.5-47.el7_3.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-12:4.2.5-47.el7_3.2.x86_64", "product": { "name": "dhcp-12:4.2.5-47.el7_3.2.x86_64", "product_id": "dhcp-12:4.2.5-47.el7_3.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-47.el7_3.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-common-12:4.2.5-47.el7_3.2.x86_64", "product": { "name": "dhcp-common-12:4.2.5-47.el7_3.2.x86_64", "product_id": "dhcp-common-12:4.2.5-47.el7_3.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.2.5-47.el7_3.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.2.5-47.el7_3.2.x86_64", "product": { "name": "dhcp-libs-12:4.2.5-47.el7_3.2.x86_64", "product_id": "dhcp-libs-12:4.2.5-47.el7_3.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-47.el7_3.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-47.el7_3.2.x86_64", "product": { "name": "dhcp-debuginfo-12:4.2.5-47.el7_3.2.x86_64", "product_id": "dhcp-debuginfo-12:4.2.5-47.el7_3.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-47.el7_3.2?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-47.el7_3.2.x86_64", "product": { "name": "dhcp-devel-12:4.2.5-47.el7_3.2.x86_64", "product_id": "dhcp-devel-12:4.2.5-47.el7_3.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-47.el7_3.2?arch=x86_64\u0026epoch=12" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "dhcp-libs-12:4.2.5-47.el7_3.2.i686", "product": { "name": "dhcp-libs-12:4.2.5-47.el7_3.2.i686", "product_id": "dhcp-libs-12:4.2.5-47.el7_3.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-47.el7_3.2?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-47.el7_3.2.i686", "product": { "name": "dhcp-debuginfo-12:4.2.5-47.el7_3.2.i686", "product_id": "dhcp-debuginfo-12:4.2.5-47.el7_3.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-47.el7_3.2?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-47.el7_3.2.i686", "product": { "name": "dhcp-devel-12:4.2.5-47.el7_3.2.i686", "product_id": "dhcp-devel-12:4.2.5-47.el7_3.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-47.el7_3.2?arch=i686\u0026epoch=12" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "dhcp-12:4.2.5-47.el7_3.2.src", "product": { "name": "dhcp-12:4.2.5-47.el7_3.2.src", "product_id": "dhcp-12:4.2.5-47.el7_3.2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-47.el7_3.2?arch=src\u0026epoch=12" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-47.el7_3.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", "product_id": "7Server-7.3.AUS:dhclient-12:4.2.5-47.el7_3.2.x86_64" }, "product_reference": "dhclient-12:4.2.5-47.el7_3.2.x86_64", "relates_to_product_reference": "7Server-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-47.el7_3.2.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", "product_id": "7Server-7.3.AUS:dhcp-12:4.2.5-47.el7_3.2.src" }, "product_reference": "dhcp-12:4.2.5-47.el7_3.2.src", "relates_to_product_reference": "7Server-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-47.el7_3.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", "product_id": "7Server-7.3.AUS:dhcp-12:4.2.5-47.el7_3.2.x86_64" }, "product_reference": "dhcp-12:4.2.5-47.el7_3.2.x86_64", "relates_to_product_reference": "7Server-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-47.el7_3.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", "product_id": "7Server-7.3.AUS:dhcp-common-12:4.2.5-47.el7_3.2.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-47.el7_3.2.x86_64", "relates_to_product_reference": "7Server-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-47.el7_3.2.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", "product_id": "7Server-7.3.AUS:dhcp-debuginfo-12:4.2.5-47.el7_3.2.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-47.el7_3.2.i686", "relates_to_product_reference": "7Server-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-47.el7_3.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", "product_id": "7Server-7.3.AUS:dhcp-debuginfo-12:4.2.5-47.el7_3.2.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-47.el7_3.2.x86_64", "relates_to_product_reference": "7Server-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-47.el7_3.2.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", "product_id": "7Server-7.3.AUS:dhcp-devel-12:4.2.5-47.el7_3.2.i686" }, "product_reference": "dhcp-devel-12:4.2.5-47.el7_3.2.i686", "relates_to_product_reference": "7Server-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-47.el7_3.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", "product_id": "7Server-7.3.AUS:dhcp-devel-12:4.2.5-47.el7_3.2.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-47.el7_3.2.x86_64", "relates_to_product_reference": "7Server-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-47.el7_3.2.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", "product_id": "7Server-7.3.AUS:dhcp-libs-12:4.2.5-47.el7_3.2.i686" }, "product_reference": "dhcp-libs-12:4.2.5-47.el7_3.2.i686", "relates_to_product_reference": "7Server-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-47.el7_3.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", "product_id": "7Server-7.3.AUS:dhcp-libs-12:4.2.5-47.el7_3.2.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-47.el7_3.2.x86_64", "relates_to_product_reference": "7Server-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-47.el7_3.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", "product_id": "7Server-optional-7.3.AUS:dhclient-12:4.2.5-47.el7_3.2.x86_64" }, "product_reference": "dhclient-12:4.2.5-47.el7_3.2.x86_64", "relates_to_product_reference": "7Server-optional-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-47.el7_3.2.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", "product_id": "7Server-optional-7.3.AUS:dhcp-12:4.2.5-47.el7_3.2.src" }, "product_reference": "dhcp-12:4.2.5-47.el7_3.2.src", "relates_to_product_reference": "7Server-optional-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-47.el7_3.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", "product_id": "7Server-optional-7.3.AUS:dhcp-12:4.2.5-47.el7_3.2.x86_64" }, "product_reference": "dhcp-12:4.2.5-47.el7_3.2.x86_64", "relates_to_product_reference": "7Server-optional-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-47.el7_3.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", "product_id": "7Server-optional-7.3.AUS:dhcp-common-12:4.2.5-47.el7_3.2.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-47.el7_3.2.x86_64", "relates_to_product_reference": "7Server-optional-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-47.el7_3.2.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", "product_id": "7Server-optional-7.3.AUS:dhcp-debuginfo-12:4.2.5-47.el7_3.2.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-47.el7_3.2.i686", "relates_to_product_reference": "7Server-optional-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-47.el7_3.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", "product_id": "7Server-optional-7.3.AUS:dhcp-debuginfo-12:4.2.5-47.el7_3.2.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-47.el7_3.2.x86_64", "relates_to_product_reference": "7Server-optional-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-47.el7_3.2.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", "product_id": "7Server-optional-7.3.AUS:dhcp-devel-12:4.2.5-47.el7_3.2.i686" }, "product_reference": "dhcp-devel-12:4.2.5-47.el7_3.2.i686", "relates_to_product_reference": "7Server-optional-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-47.el7_3.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", "product_id": "7Server-optional-7.3.AUS:dhcp-devel-12:4.2.5-47.el7_3.2.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-47.el7_3.2.x86_64", "relates_to_product_reference": "7Server-optional-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-47.el7_3.2.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", "product_id": "7Server-optional-7.3.AUS:dhcp-libs-12:4.2.5-47.el7_3.2.i686" }, "product_reference": "dhcp-libs-12:4.2.5-47.el7_3.2.i686", "relates_to_product_reference": "7Server-optional-7.3.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-47.el7_3.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", "product_id": "7Server-optional-7.3.AUS:dhcp-libs-12:4.2.5-47.el7_3.2.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-47.el7_3.2.x86_64", "relates_to_product_reference": "7Server-optional-7.3.AUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-25217", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2021-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1963258" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Dynamic Host Configuration Protocol (DHCP). There is a discrepancy between the code that handles encapsulated option information in leases transmitted \"on the wire\" and the code which reads and parses lease information after it has been written to disk storage. This flaw allows an attacker to deliberately cause a situation where dhcpd while running in DHCPv4 or DHCPv6 mode, or the dhclient attempts to read a stored lease that contains option information, to trigger a stack-based buffer overflow in the option parsing code for colon-separated hex digits values. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient", "title": "Vulnerability summary" }, { "category": "other", "text": "To abuse this flaw an attacker has to be on the same local sub-net of the victim machine. An attacker may send crafted DHCP messages with long lease statements that, when stored locally on file and then re-read by dhclient or dhcpd, might trigger the bug.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-7.3.AUS:dhclient-12:4.2.5-47.el7_3.2.x86_64", "7Server-7.3.AUS:dhcp-12:4.2.5-47.el7_3.2.src", "7Server-7.3.AUS:dhcp-12:4.2.5-47.el7_3.2.x86_64", "7Server-7.3.AUS:dhcp-common-12:4.2.5-47.el7_3.2.x86_64", "7Server-7.3.AUS:dhcp-debuginfo-12:4.2.5-47.el7_3.2.i686", "7Server-7.3.AUS:dhcp-debuginfo-12:4.2.5-47.el7_3.2.x86_64", "7Server-7.3.AUS:dhcp-devel-12:4.2.5-47.el7_3.2.i686", "7Server-7.3.AUS:dhcp-devel-12:4.2.5-47.el7_3.2.x86_64", "7Server-7.3.AUS:dhcp-libs-12:4.2.5-47.el7_3.2.i686", "7Server-7.3.AUS:dhcp-libs-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhclient-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhcp-12:4.2.5-47.el7_3.2.src", "7Server-optional-7.3.AUS:dhcp-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhcp-common-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhcp-debuginfo-12:4.2.5-47.el7_3.2.i686", "7Server-optional-7.3.AUS:dhcp-debuginfo-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhcp-devel-12:4.2.5-47.el7_3.2.i686", "7Server-optional-7.3.AUS:dhcp-devel-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhcp-libs-12:4.2.5-47.el7_3.2.i686", "7Server-optional-7.3.AUS:dhcp-libs-12:4.2.5-47.el7_3.2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-25217" }, { "category": "external", "summary": "RHBZ#1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-25217", "url": "https://www.cve.org/CVERecord?id=CVE-2021-25217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217" }, { "category": "external", "summary": "https://kb.isc.org/docs/cve-2021-25217", "url": "https://kb.isc.org/docs/cve-2021-25217" } ], "release_date": "2021-05-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-06-14T19:35:46+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-7.3.AUS:dhclient-12:4.2.5-47.el7_3.2.x86_64", "7Server-7.3.AUS:dhcp-12:4.2.5-47.el7_3.2.src", "7Server-7.3.AUS:dhcp-12:4.2.5-47.el7_3.2.x86_64", "7Server-7.3.AUS:dhcp-common-12:4.2.5-47.el7_3.2.x86_64", "7Server-7.3.AUS:dhcp-debuginfo-12:4.2.5-47.el7_3.2.i686", "7Server-7.3.AUS:dhcp-debuginfo-12:4.2.5-47.el7_3.2.x86_64", "7Server-7.3.AUS:dhcp-devel-12:4.2.5-47.el7_3.2.i686", "7Server-7.3.AUS:dhcp-devel-12:4.2.5-47.el7_3.2.x86_64", "7Server-7.3.AUS:dhcp-libs-12:4.2.5-47.el7_3.2.i686", "7Server-7.3.AUS:dhcp-libs-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhclient-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhcp-12:4.2.5-47.el7_3.2.src", "7Server-optional-7.3.AUS:dhcp-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhcp-common-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhcp-debuginfo-12:4.2.5-47.el7_3.2.i686", "7Server-optional-7.3.AUS:dhcp-debuginfo-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhcp-devel-12:4.2.5-47.el7_3.2.i686", "7Server-optional-7.3.AUS:dhcp-devel-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhcp-libs-12:4.2.5-47.el7_3.2.i686", "7Server-optional-7.3.AUS:dhcp-libs-12:4.2.5-47.el7_3.2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2415" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-7.3.AUS:dhclient-12:4.2.5-47.el7_3.2.x86_64", "7Server-7.3.AUS:dhcp-12:4.2.5-47.el7_3.2.src", "7Server-7.3.AUS:dhcp-12:4.2.5-47.el7_3.2.x86_64", "7Server-7.3.AUS:dhcp-common-12:4.2.5-47.el7_3.2.x86_64", "7Server-7.3.AUS:dhcp-debuginfo-12:4.2.5-47.el7_3.2.i686", "7Server-7.3.AUS:dhcp-debuginfo-12:4.2.5-47.el7_3.2.x86_64", "7Server-7.3.AUS:dhcp-devel-12:4.2.5-47.el7_3.2.i686", "7Server-7.3.AUS:dhcp-devel-12:4.2.5-47.el7_3.2.x86_64", "7Server-7.3.AUS:dhcp-libs-12:4.2.5-47.el7_3.2.i686", "7Server-7.3.AUS:dhcp-libs-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhclient-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhcp-12:4.2.5-47.el7_3.2.src", "7Server-optional-7.3.AUS:dhcp-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhcp-common-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhcp-debuginfo-12:4.2.5-47.el7_3.2.i686", "7Server-optional-7.3.AUS:dhcp-debuginfo-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhcp-devel-12:4.2.5-47.el7_3.2.i686", "7Server-optional-7.3.AUS:dhcp-devel-12:4.2.5-47.el7_3.2.x86_64", "7Server-optional-7.3.AUS:dhcp-libs-12:4.2.5-47.el7_3.2.i686", "7Server-optional-7.3.AUS:dhcp-libs-12:4.2.5-47.el7_3.2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient" } ] }
rhsa-2021_2469
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for dhcp is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:2469", "url": "https://access.redhat.com/errata/RHSA-2021:2469" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2469.json" } ], "title": "Red Hat Security Advisory: dhcp security update", "tracking": { "current_release_date": "2024-11-15T11:51:41+00:00", "generator": { "date": "2024-11-15T11:51:41+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:2469", "initial_release_date": "2021-06-17T11:43:58+00:00", "revision_history": [ { "date": "2021-06-17T11:43:58+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-06-17T11:43:58+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T11:51:41+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Server AUS (v. 7.6)", "product": { "name": "Red Hat Enterprise Linux Server AUS (v. 7.6)", "product_id": "7Server-7.6.AUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_aus:7.6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional AUS (v. 7.6)", "product": { "name": "Red Hat Enterprise Linux Server Optional AUS (v. 7.6)", "product_id": "7Server-optional-7.6.AUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_aus:7.6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server E4S (v. 7.6)", "product": { "name": "Red Hat Enterprise Linux Server E4S (v. 7.6)", "product_id": "7Server-7.6.E4S", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_e4s:7.6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product": { "name": "Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product_id": "7Server-optional-7.6.E4S", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_e4s:7.6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server TUS (v. 7.6)", "product": { "name": "Red Hat Enterprise Linux Server TUS (v. 7.6)", "product_id": "7Server-7.6.TUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_tus:7.6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional TUS (v. 7.6)", "product": { "name": "Red Hat Enterprise Linux Server Optional TUS (v. 7.6)", "product_id": "7Server-optional-7.6.TUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_tus:7.6::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "dhclient-12:4.2.5-69.el7_6.1.x86_64", "product": { "name": "dhclient-12:4.2.5-69.el7_6.1.x86_64", "product_id": "dhclient-12:4.2.5-69.el7_6.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhclient@4.2.5-69.el7_6.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-12:4.2.5-69.el7_6.1.x86_64", "product": { "name": "dhcp-12:4.2.5-69.el7_6.1.x86_64", "product_id": "dhcp-12:4.2.5-69.el7_6.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-69.el7_6.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "product": { "name": "dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "product_id": "dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.2.5-69.el7_6.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "product": { "name": "dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "product_id": "dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-69.el7_6.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "product": { "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "product_id": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-69.el7_6.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "product": { "name": "dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "product_id": "dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-69.el7_6.1?arch=x86_64\u0026epoch=12" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "dhcp-libs-12:4.2.5-69.el7_6.1.i686", "product": { "name": "dhcp-libs-12:4.2.5-69.el7_6.1.i686", "product_id": "dhcp-libs-12:4.2.5-69.el7_6.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-69.el7_6.1?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "product": { "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "product_id": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-69.el7_6.1?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-69.el7_6.1.i686", "product": { "name": "dhcp-devel-12:4.2.5-69.el7_6.1.i686", "product_id": "dhcp-devel-12:4.2.5-69.el7_6.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-69.el7_6.1?arch=i686\u0026epoch=12" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "dhcp-12:4.2.5-69.el7_6.1.src", "product": { "name": "dhcp-12:4.2.5-69.el7_6.1.src", "product_id": "dhcp-12:4.2.5-69.el7_6.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-69.el7_6.1?arch=src\u0026epoch=12" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "dhcp-devel-12:4.2.5-69.el7_6.1.ppc64le", "product": { "name": "dhcp-devel-12:4.2.5-69.el7_6.1.ppc64le", "product_id": "dhcp-devel-12:4.2.5-69.el7_6.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-69.el7_6.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.ppc64le", "product": { "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.ppc64le", "product_id": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-69.el7_6.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhclient-12:4.2.5-69.el7_6.1.ppc64le", "product": { "name": "dhclient-12:4.2.5-69.el7_6.1.ppc64le", "product_id": "dhclient-12:4.2.5-69.el7_6.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhclient@4.2.5-69.el7_6.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-12:4.2.5-69.el7_6.1.ppc64le", "product": { "name": "dhcp-12:4.2.5-69.el7_6.1.ppc64le", "product_id": "dhcp-12:4.2.5-69.el7_6.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-69.el7_6.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-common-12:4.2.5-69.el7_6.1.ppc64le", "product": { "name": "dhcp-common-12:4.2.5-69.el7_6.1.ppc64le", "product_id": "dhcp-common-12:4.2.5-69.el7_6.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.2.5-69.el7_6.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.2.5-69.el7_6.1.ppc64le", "product": { "name": "dhcp-libs-12:4.2.5-69.el7_6.1.ppc64le", "product_id": "dhcp-libs-12:4.2.5-69.el7_6.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-69.el7_6.1?arch=ppc64le\u0026epoch=12" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)", "product_id": "7Server-7.6.AUS:dhclient-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhclient-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-69.el7_6.1.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)", "product_id": "7Server-7.6.AUS:dhcp-12:4.2.5-69.el7_6.1.src" }, "product_reference": "dhcp-12:4.2.5-69.el7_6.1.src", "relates_to_product_reference": "7Server-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)", "product_id": "7Server-7.6.AUS:dhcp-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)", "product_id": "7Server-7.6.AUS:dhcp-common-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)", "product_id": "7Server-7.6.AUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)", "product_id": "7Server-7.6.AUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)", "product_id": "7Server-7.6.AUS:dhcp-devel-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-devel-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)", "product_id": "7Server-7.6.AUS:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)", "product_id": "7Server-7.6.AUS:dhcp-libs-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-libs-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)", "product_id": "7Server-7.6.AUS:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-69.el7_6.1.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)", "product_id": "7Server-7.6.E4S:dhclient-12:4.2.5-69.el7_6.1.ppc64le" }, "product_reference": "dhclient-12:4.2.5-69.el7_6.1.ppc64le", "relates_to_product_reference": "7Server-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)", "product_id": "7Server-7.6.E4S:dhclient-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhclient-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-69.el7_6.1.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)", "product_id": "7Server-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.ppc64le" }, "product_reference": "dhcp-12:4.2.5-69.el7_6.1.ppc64le", "relates_to_product_reference": "7Server-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-69.el7_6.1.src as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)", "product_id": "7Server-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.src" }, "product_reference": "dhcp-12:4.2.5-69.el7_6.1.src", "relates_to_product_reference": "7Server-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)", "product_id": "7Server-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-69.el7_6.1.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)", "product_id": "7Server-7.6.E4S:dhcp-common-12:4.2.5-69.el7_6.1.ppc64le" }, "product_reference": "dhcp-common-12:4.2.5-69.el7_6.1.ppc64le", "relates_to_product_reference": "7Server-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)", "product_id": "7Server-7.6.E4S:dhcp-common-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)", "product_id": "7Server-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)", "product_id": "7Server-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.ppc64le", "relates_to_product_reference": "7Server-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)", "product_id": "7Server-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)", "product_id": "7Server-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-devel-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-69.el7_6.1.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)", "product_id": "7Server-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.ppc64le" }, "product_reference": "dhcp-devel-12:4.2.5-69.el7_6.1.ppc64le", "relates_to_product_reference": "7Server-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)", "product_id": "7Server-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)", "product_id": "7Server-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-libs-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-69.el7_6.1.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)", "product_id": "7Server-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.ppc64le" }, "product_reference": "dhcp-libs-12:4.2.5-69.el7_6.1.ppc64le", "relates_to_product_reference": "7Server-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)", "product_id": "7Server-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)", "product_id": "7Server-7.6.TUS:dhclient-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhclient-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-69.el7_6.1.src as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)", "product_id": "7Server-7.6.TUS:dhcp-12:4.2.5-69.el7_6.1.src" }, "product_reference": "dhcp-12:4.2.5-69.el7_6.1.src", "relates_to_product_reference": "7Server-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)", "product_id": "7Server-7.6.TUS:dhcp-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)", "product_id": "7Server-7.6.TUS:dhcp-common-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)", "product_id": "7Server-7.6.TUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)", "product_id": "7Server-7.6.TUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)", "product_id": "7Server-7.6.TUS:dhcp-devel-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-devel-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)", "product_id": "7Server-7.6.TUS:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)", "product_id": "7Server-7.6.TUS:dhcp-libs-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-libs-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)", "product_id": "7Server-7.6.TUS:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.6)", "product_id": "7Server-optional-7.6.AUS:dhclient-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhclient-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-69.el7_6.1.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.6)", "product_id": "7Server-optional-7.6.AUS:dhcp-12:4.2.5-69.el7_6.1.src" }, "product_reference": "dhcp-12:4.2.5-69.el7_6.1.src", "relates_to_product_reference": "7Server-optional-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.6)", "product_id": "7Server-optional-7.6.AUS:dhcp-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.6)", "product_id": "7Server-optional-7.6.AUS:dhcp-common-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.6)", "product_id": "7Server-optional-7.6.AUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-optional-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.6)", "product_id": "7Server-optional-7.6.AUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.6)", "product_id": "7Server-optional-7.6.AUS:dhcp-devel-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-devel-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-optional-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.6)", "product_id": "7Server-optional-7.6.AUS:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.6)", "product_id": "7Server-optional-7.6.AUS:dhcp-libs-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-libs-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-optional-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.6)", "product_id": "7Server-optional-7.6.AUS:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-69.el7_6.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product_id": "7Server-optional-7.6.E4S:dhclient-12:4.2.5-69.el7_6.1.ppc64le" }, "product_reference": "dhclient-12:4.2.5-69.el7_6.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product_id": "7Server-optional-7.6.E4S:dhclient-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhclient-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-69.el7_6.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product_id": "7Server-optional-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.ppc64le" }, "product_reference": "dhcp-12:4.2.5-69.el7_6.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-69.el7_6.1.src as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product_id": "7Server-optional-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.src" }, "product_reference": "dhcp-12:4.2.5-69.el7_6.1.src", "relates_to_product_reference": "7Server-optional-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product_id": "7Server-optional-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-69.el7_6.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product_id": "7Server-optional-7.6.E4S:dhcp-common-12:4.2.5-69.el7_6.1.ppc64le" }, "product_reference": "dhcp-common-12:4.2.5-69.el7_6.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product_id": "7Server-optional-7.6.E4S:dhcp-common-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product_id": "7Server-optional-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-optional-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product_id": "7Server-optional-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product_id": "7Server-optional-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product_id": "7Server-optional-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-devel-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-optional-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-69.el7_6.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product_id": "7Server-optional-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.ppc64le" }, "product_reference": "dhcp-devel-12:4.2.5-69.el7_6.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product_id": "7Server-optional-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product_id": "7Server-optional-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-libs-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-optional-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-69.el7_6.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product_id": "7Server-optional-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.ppc64le" }, "product_reference": "dhcp-libs-12:4.2.5-69.el7_6.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.6)", "product_id": "7Server-optional-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.6)", "product_id": "7Server-optional-7.6.TUS:dhclient-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhclient-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-69.el7_6.1.src as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.6)", "product_id": "7Server-optional-7.6.TUS:dhcp-12:4.2.5-69.el7_6.1.src" }, "product_reference": "dhcp-12:4.2.5-69.el7_6.1.src", "relates_to_product_reference": "7Server-optional-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.6)", "product_id": "7Server-optional-7.6.TUS:dhcp-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.6)", "product_id": "7Server-optional-7.6.TUS:dhcp-common-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.6)", "product_id": "7Server-optional-7.6.TUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-optional-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.6)", "product_id": "7Server-optional-7.6.TUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.6)", "product_id": "7Server-optional-7.6.TUS:dhcp-devel-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-devel-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-optional-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.6)", "product_id": "7Server-optional-7.6.TUS:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-69.el7_6.1.i686 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.6)", "product_id": "7Server-optional-7.6.TUS:dhcp-libs-12:4.2.5-69.el7_6.1.i686" }, "product_reference": "dhcp-libs-12:4.2.5-69.el7_6.1.i686", "relates_to_product_reference": "7Server-optional-7.6.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-69.el7_6.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.6)", "product_id": "7Server-optional-7.6.TUS:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "relates_to_product_reference": "7Server-optional-7.6.TUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-25217", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2021-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1963258" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Dynamic Host Configuration Protocol (DHCP). There is a discrepancy between the code that handles encapsulated option information in leases transmitted \"on the wire\" and the code which reads and parses lease information after it has been written to disk storage. This flaw allows an attacker to deliberately cause a situation where dhcpd while running in DHCPv4 or DHCPv6 mode, or the dhclient attempts to read a stored lease that contains option information, to trigger a stack-based buffer overflow in the option parsing code for colon-separated hex digits values. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient", "title": "Vulnerability summary" }, { "category": "other", "text": "To abuse this flaw an attacker has to be on the same local sub-net of the victim machine. An attacker may send crafted DHCP messages with long lease statements that, when stored locally on file and then re-read by dhclient or dhcpd, might trigger the bug.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-7.6.AUS:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.AUS:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-7.6.AUS:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.AUS:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.AUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.AUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.AUS:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.AUS:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.AUS:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.AUS:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhclient-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhcp-common-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-7.6.TUS:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.TUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.TUS:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.TUS:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-optional-7.6.AUS:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.AUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.AUS:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.AUS:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhclient-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-optional-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhcp-common-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-optional-7.6.TUS:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.TUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.TUS:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.TUS:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-25217" }, { "category": "external", "summary": "RHBZ#1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-25217", "url": "https://www.cve.org/CVERecord?id=CVE-2021-25217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217" }, { "category": "external", "summary": "https://kb.isc.org/docs/cve-2021-25217", "url": "https://kb.isc.org/docs/cve-2021-25217" } ], "release_date": "2021-05-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-06-17T11:43:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-7.6.AUS:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.AUS:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-7.6.AUS:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.AUS:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.AUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.AUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.AUS:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.AUS:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.AUS:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.AUS:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhclient-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhcp-common-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-7.6.TUS:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.TUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.TUS:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.TUS:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-optional-7.6.AUS:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.AUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.AUS:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.AUS:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhclient-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-optional-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhcp-common-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-optional-7.6.TUS:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.TUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.TUS:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.TUS:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2469" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-7.6.AUS:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.AUS:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-7.6.AUS:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.AUS:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.AUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.AUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.AUS:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.AUS:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.AUS:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.AUS:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhclient-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhcp-common-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.ppc64le", "7Server-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-7.6.TUS:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.TUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.TUS:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-7.6.TUS:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-7.6.TUS:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-optional-7.6.AUS:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.AUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.AUS:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.AUS:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.AUS:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhclient-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-optional-7.6.E4S:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhcp-common-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.ppc64le", "7Server-optional-7.6.E4S:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhclient-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhcp-12:4.2.5-69.el7_6.1.src", "7Server-optional-7.6.TUS:dhcp-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhcp-common-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.TUS:dhcp-debuginfo-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhcp-devel-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.TUS:dhcp-devel-12:4.2.5-69.el7_6.1.x86_64", "7Server-optional-7.6.TUS:dhcp-libs-12:4.2.5-69.el7_6.1.i686", "7Server-optional-7.6.TUS:dhcp-libs-12:4.2.5-69.el7_6.1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient" } ] }
rhsa-2021_2519
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The redhat-virtualization-host packages provide the Red Hat Virtualization Host.\nThese packages include redhat-release-virtualization-host. Red Hat\nVirtualization Hosts (RHVH) are installed using a special build of Red Hat\nEnterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host\u0027s resources and\nperforming administrative tasks.\n\nSecurity Fix(es):\n\n* glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219)\n\n* hw: vt-d related privilege escalation (CVE-2020-24489)\n\n* dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:2519", "url": "https://access.redhat.com/errata/RHSA-2021:2519" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1929858", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929858" }, { "category": "external", "summary": "1948377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948377" }, { "category": "external", "summary": "1957238", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957238" }, { "category": "external", "summary": "1962650", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962650" }, { "category": "external", "summary": "1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2519.json" } ], "title": "Red Hat Security Advisory: RHV-H security update (redhat-virtualization-host) 4.3.16", "tracking": { "current_release_date": "2024-11-15T11:51:52+00:00", "generator": { "date": "2024-11-15T11:51:52+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:2519", "initial_release_date": "2021-06-22T13:23:21+00:00", "revision_history": [ { "date": "2021-06-22T13:23:21+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-06-22T13:23:21+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T11:51:52+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHEL 7-based RHEV-H for RHEV 4 (build requirements)", "product": { "name": "RHEL 7-based RHEV-H for RHEV 4 (build requirements)", "product_id": "7Server-RHEV-4-HypervisorBuild-7", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor" } } }, { "category": "product_name", "name": "Red Hat Virtualization 4 Hypervisor for RHEL 7", "product": { "name": "Red Hat Virtualization 4 Hypervisor for RHEL 7", "product_id": "7Server-RHEV-4-Hypervisor-7", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor" } } } ], "category": "product_family", "name": "Red Hat Virtualization" }, { "branches": [ { "category": "product_version", "name": "redhat-release-virtualization-host-0:4.3.16-1.el7ev.src", "product": { "name": "redhat-release-virtualization-host-0:4.3.16-1.el7ev.src", "product_id": "redhat-release-virtualization-host-0:4.3.16-1.el7ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/redhat-release-virtualization-host@4.3.16-1.el7ev?arch=src" } } }, { "category": "product_version", "name": "redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "product": { "name": "redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "product_id": "redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/redhat-virtualization-host@4.3.16-20210615.0.el7_9?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "redhat-release-virtualization-host-0:4.3.16-1.el7ev.x86_64", "product": { "name": "redhat-release-virtualization-host-0:4.3.16-1.el7ev.x86_64", "product_id": "redhat-release-virtualization-host-0:4.3.16-1.el7ev.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/redhat-release-virtualization-host@4.3.16-1.el7ev?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "redhat-virtualization-host-image-update-placeholder-0:4.3.16-1.el7ev.noarch", "product": { "name": "redhat-virtualization-host-image-update-placeholder-0:4.3.16-1.el7ev.noarch", "product_id": "redhat-virtualization-host-image-update-placeholder-0:4.3.16-1.el7ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/redhat-virtualization-host-image-update-placeholder@4.3.16-1.el7ev?arch=noarch" } } }, { "category": "product_version", "name": "redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch", "product": { "name": "redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch", "product_id": "redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/redhat-virtualization-host-image-update@4.3.16-20210615.0.el7_9?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 7", "product_id": "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src" }, "product_reference": "redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "relates_to_product_reference": "7Server-RHEV-4-Hypervisor-7" }, { "category": "default_component_of", "full_product_name": { "name": "redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch as a component of Red Hat Virtualization 4 Hypervisor for RHEL 7", "product_id": "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch" }, "product_reference": "redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch", "relates_to_product_reference": "7Server-RHEV-4-Hypervisor-7" }, { "category": "default_component_of", "full_product_name": { "name": "redhat-release-virtualization-host-0:4.3.16-1.el7ev.src as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", "product_id": "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.16-1.el7ev.src" }, "product_reference": "redhat-release-virtualization-host-0:4.3.16-1.el7ev.src", "relates_to_product_reference": "7Server-RHEV-4-HypervisorBuild-7" }, { "category": "default_component_of", "full_product_name": { "name": "redhat-release-virtualization-host-0:4.3.16-1.el7ev.x86_64 as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", "product_id": "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.16-1.el7ev.x86_64" }, "product_reference": "redhat-release-virtualization-host-0:4.3.16-1.el7ev.x86_64", "relates_to_product_reference": "7Server-RHEV-4-HypervisorBuild-7" }, { "category": "default_component_of", "full_product_name": { "name": "redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", "product_id": "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src" }, "product_reference": "redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "relates_to_product_reference": "7Server-RHEV-4-HypervisorBuild-7" }, { "category": "default_component_of", "full_product_name": { "name": "redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", "product_id": "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch" }, "product_reference": "redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch", "relates_to_product_reference": "7Server-RHEV-4-HypervisorBuild-7" }, { "category": "default_component_of", "full_product_name": { "name": "redhat-virtualization-host-image-update-placeholder-0:4.3.16-1.el7ev.noarch as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", "product_id": "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.16-1.el7ev.noarch" }, "product_reference": "redhat-virtualization-host-image-update-placeholder-0:4.3.16-1.el7ev.noarch", "relates_to_product_reference": "7Server-RHEV-4-HypervisorBuild-7" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Intel" ] } ], "cve": "CVE-2020-24489", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "discovery_date": "2021-05-20T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.16-1.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.16-1.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.16-1.el7ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1962650" } ], "notes": [ { "category": "description", "text": "A flaw was found in Intel\u00ae VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "hw: vt-d related privilege escalation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch" ], "known_not_affected": [ "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.16-1.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.16-1.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.16-1.el7ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-24489" }, { "category": "external", "summary": "RHBZ#1962650", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962650" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-24489", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24489" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24489", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24489" } ], "release_date": "2021-06-08T17:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-06-22T13:23:21+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2519" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "hw: vt-d related privilege escalation" }, { "cve": "CVE-2021-25217", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2021-05-21T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.16-1.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.16-1.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.16-1.el7ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1963258" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Dynamic Host Configuration Protocol (DHCP). There is a discrepancy between the code that handles encapsulated option information in leases transmitted \"on the wire\" and the code which reads and parses lease information after it has been written to disk storage. This flaw allows an attacker to deliberately cause a situation where dhcpd while running in DHCPv4 or DHCPv6 mode, or the dhclient attempts to read a stored lease that contains option information, to trigger a stack-based buffer overflow in the option parsing code for colon-separated hex digits values. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient", "title": "Vulnerability summary" }, { "category": "other", "text": "To abuse this flaw an attacker has to be on the same local sub-net of the victim machine. An attacker may send crafted DHCP messages with long lease statements that, when stored locally on file and then re-read by dhclient or dhcpd, might trigger the bug.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch" ], "known_not_affected": [ "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.16-1.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.16-1.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.16-1.el7ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-25217" }, { "category": "external", "summary": "RHBZ#1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-25217", "url": "https://www.cve.org/CVERecord?id=CVE-2021-25217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217" }, { "category": "external", "summary": "https://kb.isc.org/docs/cve-2021-25217", "url": "https://kb.isc.org/docs/cve-2021-25217" } ], "release_date": "2021-05-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-06-22T13:23:21+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2519" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient" }, { "cve": "CVE-2021-27219", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-02-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.16-1.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.16-1.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.16-1.el7ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1929858" } ], "notes": [ { "category": "description", "text": "An integer wraparound was discovered in glib due to passing a 64 bit sized value to function g_memdup() which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against the glib library uses g_bytes_new() function or possibly other functions that use g_memdup() underneath and accept a 64 bits argument as size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits", "title": "Vulnerability summary" }, { "category": "other", "text": "Applications that just use GBytes to access the data are affected by this flaw but the highest threat is to data confidentiality and/or the application availability, due to possible out-of-bounds reads. However, if the data in GBytes is taken through functions such as g_bytes_unref_to_data or g_bytes_unref_to_array it might be possible to have out-of-bounds writes due to the wrongly reported size of the buffer.\n\nApplications that use g_memdup to duplicate memory with user-controlled sizes should pay extra attention to the fact that g_memdup accepts a guint size instead of gsize. Thus directly passing a gsize value to g_memdup may results in integer truncation, allocating a buffer smaller than expected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch" ], "known_not_affected": [ "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.16-1.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.16-1.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.16-1.el7ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-27219" }, { "category": "external", "summary": "RHBZ#1929858", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929858" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-27219", "url": "https://www.cve.org/CVERecord?id=CVE-2021-27219" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27219", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27219" } ], "release_date": "2021-02-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-06-22T13:23:21+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2519" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.16-20210615.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.16-20210615.0.el7_9.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits" } ] }
rhsa-2021_2357
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for dhcp is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:2357", "url": "https://access.redhat.com/errata/RHSA-2021:2357" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2357.json" } ], "title": "Red Hat Security Advisory: dhcp security update", "tracking": { "current_release_date": "2024-11-15T11:50:36+00:00", "generator": { "date": "2024-11-15T11:50:36+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:2357", "initial_release_date": "2021-06-09T11:07:56+00:00", "revision_history": [ { "date": "2021-06-09T11:07:56+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-06-09T11:07:56+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T11:50:36+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Client (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "dhclient-12:4.2.5-83.el7_9.1.x86_64", "product": { "name": "dhclient-12:4.2.5-83.el7_9.1.x86_64", "product_id": "dhclient-12:4.2.5-83.el7_9.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhclient@4.2.5-83.el7_9.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "product": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "product_id": "dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.2.5-83.el7_9.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "product": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "product_id": "dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-83.el7_9.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "product": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "product_id": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-83.el7_9.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-12:4.2.5-83.el7_9.1.x86_64", "product": { "name": "dhcp-12:4.2.5-83.el7_9.1.x86_64", "product_id": "dhcp-12:4.2.5-83.el7_9.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-83.el7_9.1?arch=x86_64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "product": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "product_id": "dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-83.el7_9.1?arch=x86_64\u0026epoch=12" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "dhcp-libs-12:4.2.5-83.el7_9.1.i686", "product": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.i686", "product_id": "dhcp-libs-12:4.2.5-83.el7_9.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-83.el7_9.1?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "product": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "product_id": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-83.el7_9.1?arch=i686\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-83.el7_9.1.i686", "product": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.i686", "product_id": "dhcp-devel-12:4.2.5-83.el7_9.1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-83.el7_9.1?arch=i686\u0026epoch=12" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "dhcp-12:4.2.5-83.el7_9.1.src", "product": { "name": "dhcp-12:4.2.5-83.el7_9.1.src", "product_id": "dhcp-12:4.2.5-83.el7_9.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-83.el7_9.1?arch=src\u0026epoch=12" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64le", "product": { "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64le", "product_id": "dhclient-12:4.2.5-83.el7_9.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhclient@4.2.5-83.el7_9.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64le", "product": { "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64le", "product_id": "dhcp-12:4.2.5-83.el7_9.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-83.el7_9.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "product": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "product_id": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.2.5-83.el7_9.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "product": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "product_id": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-83.el7_9.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "product": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "product_id": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-83.el7_9.1?arch=ppc64le\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "product": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "product_id": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-83.el7_9.1?arch=ppc64le\u0026epoch=12" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64", "product": { "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64", "product_id": "dhclient-12:4.2.5-83.el7_9.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhclient@4.2.5-83.el7_9.1?arch=ppc64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64", "product": { "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64", "product_id": "dhcp-12:4.2.5-83.el7_9.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-83.el7_9.1?arch=ppc64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "product": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "product_id": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.2.5-83.el7_9.1?arch=ppc64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "product": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "product_id": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-83.el7_9.1?arch=ppc64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "product": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "product_id": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-83.el7_9.1?arch=ppc64\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "product": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "product_id": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-83.el7_9.1?arch=ppc64\u0026epoch=12" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "product": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "product_id": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-83.el7_9.1?arch=ppc\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "product": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "product_id": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-83.el7_9.1?arch=ppc\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "product": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "product_id": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-83.el7_9.1?arch=ppc\u0026epoch=12" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "dhclient-12:4.2.5-83.el7_9.1.s390x", "product": { "name": "dhclient-12:4.2.5-83.el7_9.1.s390x", "product_id": "dhclient-12:4.2.5-83.el7_9.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhclient@4.2.5-83.el7_9.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-12:4.2.5-83.el7_9.1.s390x", "product": { "name": "dhcp-12:4.2.5-83.el7_9.1.s390x", "product_id": "dhcp-12:4.2.5-83.el7_9.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp@4.2.5-83.el7_9.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-common-12:4.2.5-83.el7_9.1.s390x", "product": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.s390x", "product_id": "dhcp-common-12:4.2.5-83.el7_9.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-common@4.2.5-83.el7_9.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "product": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "product_id": "dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-83.el7_9.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "product": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "product_id": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-83.el7_9.1?arch=s390x\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "product": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "product_id": "dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-83.el7_9.1?arch=s390x\u0026epoch=12" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390", "product": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390", "product_id": "dhcp-libs-12:4.2.5-83.el7_9.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-libs@4.2.5-83.el7_9.1?arch=s390\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "product": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "product_id": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-debuginfo@4.2.5-83.el7_9.1?arch=s390\u0026epoch=12" } } }, { "category": "product_version", "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390", "product": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390", "product_id": "dhcp-devel-12:4.2.5-83.el7_9.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/dhcp-devel@4.2.5-83.el7_9.1?arch=s390\u0026epoch=12" } } } ], "category": "architecture", "name": "s390" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.src as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.src", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.src", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.src", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.src as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.src", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.src", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.src", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhclient-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhclient-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.src", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-common-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-devel-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.i686", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.s390", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "dhcp-libs-12:4.2.5-83.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64" }, "product_reference": "dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-25217", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2021-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1963258" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Dynamic Host Configuration Protocol (DHCP). There is a discrepancy between the code that handles encapsulated option information in leases transmitted \"on the wire\" and the code which reads and parses lease information after it has been written to disk storage. This flaw allows an attacker to deliberately cause a situation where dhcpd while running in DHCPv4 or DHCPv6 mode, or the dhclient attempts to read a stored lease that contains option information, to trigger a stack-based buffer overflow in the option parsing code for colon-separated hex digits values. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient", "title": "Vulnerability summary" }, { "category": "other", "text": "To abuse this flaw an attacker has to be on the same local sub-net of the victim machine. An attacker may send crafted DHCP messages with long lease statements that, when stored locally on file and then re-read by dhclient or dhcpd, might trigger the bug.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Client-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-25217" }, { "category": "external", "summary": "RHBZ#1963258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-25217", "url": "https://www.cve.org/CVERecord?id=CVE-2021-25217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217" }, { "category": "external", "summary": "https://kb.isc.org/docs/cve-2021-25217", "url": "https://kb.isc.org/docs/cve-2021-25217" } ], "release_date": "2021-05-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-06-09T11:07:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Client-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2357" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Client-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Client-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Client-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Client-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Client-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Client-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Server-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Server-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Server-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Server-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Workstation-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Workstation-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhclient-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.src", "7Workstation-optional-7.9.Z:dhcp-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhcp-common-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.i686", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhcp-debuginfo-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.i686", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhcp-devel-12:4.2.5-83.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.i686", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dhcp-libs-12:4.2.5-83.el7_9.1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient" } ] }
wid-sec-w-2023-0063
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Junos Space ist eine Software-Plattform, die eine Reihe von Applikationen f\u00fcr das Netzwerkmanagement beinhaltet.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Juniper Junos Space ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern.", "title": "Angriff" }, { "category": "general", "text": "- Juniper Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0063 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-0063.json" }, { "category": "self", "summary": "WID-SEC-2023-0063 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0063" }, { "category": "external", "summary": "Juniper Security Advisory JSA70182 vom 2023-01-12", "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Contrail-Service-Orchestration-Multiple-vulnerabilities-resolved-in-CSO-6-3-0?language=en_US" }, { "category": "external", "summary": "Juniper Security Advisory vom 2022-01-12", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11287\u0026cat=SIRT_1" } ], "source_lang": "en-US", "title": "Juniper Junos Space: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-01-11T23:00:00.000+00:00", "generator": { "date": "2024-02-15T17:09:11.163+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-0063", "initial_release_date": "2022-01-12T23:00:00.000+00:00", "revision_history": [ { "date": "2022-01-12T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-01-11T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Juniper aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Juniper Contrail Service Orchestration", "product": { "name": "Juniper Contrail Service Orchestration", "product_id": "T025794", "product_identification_helper": { "cpe": "cpe:/a:juniper:contrail_service_orchestration:-" } } }, { "category": "product_name", "name": "Juniper Junos Space \u003c 21.3R1", "product": { "name": "Juniper Junos Space \u003c 21.3R1", "product_id": "T021576", "product_identification_helper": { "cpe": "cpe:/a:juniper:junos_space:21.3r1" } } } ], "category": "vendor", "name": "Juniper" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-17543", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2019-17543" }, { "cve": "CVE-2019-20934", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2019-20934" }, { "cve": "CVE-2020-0543", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-0543" }, { "cve": "CVE-2020-0548", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-0548" }, { "cve": "CVE-2020-0549", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-0549" }, { "cve": "CVE-2020-11022", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11022" }, { "cve": "CVE-2020-11023", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11023" }, { "cve": "CVE-2020-11668", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11668" }, { "cve": "CVE-2020-11984", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11984" }, { "cve": "CVE-2020-11993", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11993" }, { "cve": "CVE-2020-12362", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-12362" }, { "cve": "CVE-2020-12363", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-12363" }, { "cve": "CVE-2020-12364", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-12364" }, { "cve": "CVE-2020-1927", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-1927" }, { "cve": "CVE-2020-1934", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-1934" }, { "cve": "CVE-2020-24489", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-24489" }, { "cve": "CVE-2020-24511", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-24511" }, { "cve": "CVE-2020-24512", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-24512" }, { "cve": "CVE-2020-27170", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-27170" }, { "cve": "CVE-2020-27777", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-27777" }, { "cve": "CVE-2020-29443", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-29443" }, { "cve": "CVE-2020-8625", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8625" }, { "cve": "CVE-2020-8648", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8648" }, { "cve": "CVE-2020-8695", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8695" }, { "cve": "CVE-2020-8696", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8696" }, { "cve": "CVE-2020-8698", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8698" }, { "cve": "CVE-2020-9490", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-9490" }, { "cve": "CVE-2021-20254", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-20254" }, { "cve": "CVE-2021-22555", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-22555" }, { "cve": "CVE-2021-22901", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-22901" }, { "cve": "CVE-2021-2341", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2341" }, { "cve": "CVE-2021-2342", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2342" }, { "cve": "CVE-2021-2356", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2356" }, { "cve": "CVE-2021-2369", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2369" }, { "cve": "CVE-2021-2372", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2372" }, { "cve": "CVE-2021-2385", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2385" }, { "cve": "CVE-2021-2388", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2388" }, { "cve": "CVE-2021-2389", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2389" }, { "cve": "CVE-2021-2390", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2390" }, { "cve": "CVE-2021-25214", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-25214" }, { "cve": "CVE-2021-25217", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-25217" }, { "cve": "CVE-2021-27219", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-27219" }, { "cve": "CVE-2021-29154", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-29154" }, { "cve": "CVE-2021-29650", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-29650" }, { "cve": "CVE-2021-31535", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-31535" }, { "cve": "CVE-2021-32399", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-32399" }, { "cve": "CVE-2021-33033", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-33033" }, { "cve": "CVE-2021-33034", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-33034" }, { "cve": "CVE-2021-3347", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3347" }, { "cve": "CVE-2021-33909", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-33909" }, { "cve": "CVE-2021-3653", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3653" }, { "cve": "CVE-2021-3656", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3656" }, { "cve": "CVE-2021-3715", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3715" }, { "cve": "CVE-2021-37576", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-37576" }, { "cve": "CVE-2021-4104", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-4104" }, { "cve": "CVE-2021-42550", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-42550" }, { "cve": "CVE-2021-44228", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-44228" }, { "cve": "CVE-2021-45046", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-45046" } ] }
WID-SEC-W-2023-1261
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Internet Systems Consortium (ISC) DHCP ist eine weit verbreitete Client- und Server-Implementierung des Dynamic Host Configuration Protokolls (DHCP) unter Unix. Sie erm\u00f6glicht die automatische Verteilung von IP-Informationen, wie z. B. IP-Adresse, Netzwerkmaske, Defaultgateway vom Server zu Clients.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer aus dem benachbarten Netzwerk kann eine Schwachstelle in Internet Systems Consortium DHCP ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1261 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2023-1261.json" }, { "category": "self", "summary": "WID-SEC-2023-1261 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1261" }, { "category": "external", "summary": "Gentoo Linux Security Advisory GLSA-202305-22 vom 2023-05-21", "url": "https://security.gentoo.org/glsa/202305-22" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2021:1841-1 vom 2021-06-02", "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/008914.html" }, { "category": "external", "summary": "Debian Security Advisory DLA-2674 vom 2021-06-03", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-4969-3 vom 2021-06-07", "url": "https://ubuntu.com/security/notices/USN-4969-3" }, { "category": "external", "summary": "ISC Security Advisory vom 2021-05-26", "url": "https://kb.isc.org/docs/cve-2021-25217" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2021-2359 vom 2021-06-10", "url": "http://linux.oracle.com/errata/ELSA-2021-2359.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2021-2357 vom 2021-06-11", "url": "http://linux.oracle.com/errata/ELSA-2021-2357.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-4969-1 vom 2021-05-27", "url": "https://ubuntu.com/security/notices/USN-4969-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-4969-2 vom 2021-05-27", "url": "https://ubuntu.com/security/notices/USN-4969-2" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2021:1822-1 vom 2021-06-01", "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/008906.html" }, { "category": "external", "summary": "Arch Linux Security Advisory ASA-202106-11 vom 2021-06-01", "url": "https://security.archlinux.org/ASA-202106-11" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2021:14740-1 vom 2021-06-01", "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/008905.html" }, { "category": "external", "summary": "Arch Linux Security Advisory ASA-202106-10 vom 2021-06-01", "url": "https://security.archlinux.org/ASA-202106-10" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2357 vom 2021-06-09", "url": "https://access.redhat.com/errata/RHSA-2021:2357" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2359 vom 2021-06-09", "url": "https://access.redhat.com/errata/RHSA-2021:2359" }, { "category": "external", "summary": "CentOS Security Advisory CESA-2021:2357 vom 2021-06-14", "url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2021-2357-Important-CentOS-7-dhcp-Security-Update-tp4646203.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2418 vom 2021-06-14", "url": "https://access.redhat.com/errata/RHSA-2021:2418" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2420 vom 2021-06-14", "url": "https://access.redhat.com/errata/RHSA-2021:2420" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2419 vom 2021-06-14", "url": "https://access.redhat.com/errata/RHSA-2021:2419" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2414 vom 2021-06-14", "url": "https://access.redhat.com/errata/RHSA-2021:2414" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2416 vom 2021-06-14", "url": "https://access.redhat.com/errata/RHSA-2021:2416" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2405 vom 2021-06-14", "url": "https://access.redhat.com/errata/RHSA-2021:2405" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2415 vom 2021-06-14", "url": "https://access.redhat.com/errata/RHSA-2021:2415" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2021-9314 vom 2021-06-17", "url": "https://linux.oracle.com/errata/ELSA-2021-9314.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2469 vom 2021-06-17", "url": "https://access.redhat.com/errata/RHSA-2021:2469" }, { "category": "external", "summary": "ORACLE OVMSA-2021-0018 vom 2021-06-17", "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2021-June/001018.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2519 vom 2021-06-22", "url": "https://access.redhat.com/errata/RHSA-2021:2519" }, { "category": "external", "summary": "ORACLE OVMSA-2021-0019 vom 2021-06-22", "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2021-June/001019.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2021-1654 vom 2021-06-23", "url": "https://alas.aws.amazon.com/AL2/ALAS-2021-1654.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2555 vom 2021-07-06", "url": "https://access.redhat.com/errata/RHSA-2021:2555" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2021-1510 vom 2021-07-13", "url": "https://alas.aws.amazon.com/ALAS-2021-1510.html" }, { "category": "external", "summary": "AVAYA Security Advisory ASA-2021-085 vom 2021-07-15", "url": "https://downloads.avaya.com/css/P8/documents/101076672" }, { "category": "external", "summary": "AVAYA Security Advisory ASA-2021-086 vom 2021-07-15", "url": "https://downloads.avaya.com/css/P8/documents/101076674" }, { "category": "external", "summary": "AVAYA Security Advisory ASA-2021-085 vom 2021-07-15", "url": "https://downloads.avaya.com/css/P8/documents/101076673" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:3016 vom 2021-08-06", "url": "https://access.redhat.com/errata/RHSA-2021:3016" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:3119 vom 2021-08-10", "url": "https://access.redhat.com/errata/RHSA-2021:3119" }, { "category": "external", "summary": "F5 Security Advisory K08832573 vom 2022-05-20", "url": "https://support.f5.com/csp/article/K08832573" } ], "source_lang": "en-US", "title": "Internet Systems Consortium DHCP: Schwachstelle erm\u00f6glicht Denial of Service", "tracking": { "current_release_date": "2023-05-21T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:28:22.731+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1261", "initial_release_date": "2021-05-26T22:00:00.000+00:00", "revision_history": [ { "date": "2021-05-26T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2021-05-27T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Fedora und Ubuntu aufgenommen" }, { "date": "2021-06-01T22:00:00.000+00:00", "number": "3", "summary": "Neue Updates von SUSE und Arch Linux aufgenommen" }, { "date": "2021-06-03T22:00:00.000+00:00", "number": "4", "summary": "Neue Updates von SUSE und Debian aufgenommen" }, { "date": "2021-06-07T22:00:00.000+00:00", "number": "5", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2021-06-08T22:00:00.000+00:00", "number": "6", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2021-06-10T22:00:00.000+00:00", "number": "7", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2021-06-14T22:00:00.000+00:00", "number": "8", "summary": "Neue Updates von CentOS und Red Hat aufgenommen" }, { "date": "2021-06-16T22:00:00.000+00:00", "number": "9", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2021-06-17T22:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Red Hat und ORACLE aufgenommen" }, { "date": "2021-06-22T22:00:00.000+00:00", "number": "11", "summary": "Neue Updates von Red Hat und ORACLE aufgenommen" }, { "date": "2021-06-23T22:00:00.000+00:00", "number": "12", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2021-07-06T22:00:00.000+00:00", "number": "13", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2021-07-12T22:00:00.000+00:00", "number": "14", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2021-07-18T22:00:00.000+00:00", "number": "15", "summary": "Neue Updates von AVAYA aufgenommen" }, { "date": "2021-08-05T22:00:00.000+00:00", "number": "16", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2021-08-10T22:00:00.000+00:00", "number": "17", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2022-05-22T22:00:00.000+00:00", "number": "18", "summary": "Neue Updates von F5 aufgenommen" }, { "date": "2023-05-21T22:00:00.000+00:00", "number": "19", "summary": "Neue Updates von Gentoo aufgenommen" } ], "status": "final", "version": "19" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "398363", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "category": "product_name", "name": "Avaya Aura Application Enablement Services", "product": { "name": "Avaya Aura Application Enablement Services", "product_id": "T015516", "product_identification_helper": { "cpe": "cpe:/a:avaya:aura_application_enablement_services:-" } } }, { "category": "product_name", "name": "Avaya Aura Communication Manager", "product": { "name": "Avaya Aura Communication Manager", "product_id": "T015126", "product_identification_helper": { "cpe": "cpe:/a:avaya:communication_manager:-" } } }, { "category": "product_name", "name": "Avaya Aura Session Manager", "product": { "name": "Avaya Aura Session Manager", "product_id": "T015127", "product_identification_helper": { "cpe": "cpe:/a:avaya:session_manager:-" } } }, { "category": "product_name", "name": "Avaya Aura System Manager", "product": { "name": "Avaya Aura System Manager", "product_id": "T015518", "product_identification_helper": { "cpe": "cpe:/a:avaya:aura_system_manager:-" } } }, { "category": "product_name", "name": "Avaya Web License Manager", "product": { "name": "Avaya Web License Manager", "product_id": "T016243", "product_identification_helper": { "cpe": "cpe:/a:avaya:web_license_manager:-" } } } ], "category": "vendor", "name": "Avaya" }, { "branches": [ { "category": "product_name", "name": "Debian Linux", "product": { "name": "Debian Linux", "product_id": "2951", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:-" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP", "product": { "name": "F5 BIG-IP", "product_id": "T001663", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip:-" } } } ], "category": "vendor", "name": "F5" }, { "branches": [ { "category": "product_name", "name": "Gentoo Linux", "product": { "name": "Gentoo Linux", "product_id": "T012167", "product_identification_helper": { "cpe": "cpe:/o:gentoo:linux:-" } } } ], "category": "vendor", "name": "Gentoo" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Internet Systems Consortium DHCP \u003c 4.1-ESV-R16-P1", "product": { "name": "Internet Systems Consortium DHCP \u003c 4.1-ESV-R16-P1", "product_id": "T019427", "product_identification_helper": { "cpe": "cpe:/a:isc:dhcp:4.1-esv-r16-p1" } } }, { "category": "product_name", "name": "Internet Systems Consortium DHCP \u003c 4.4.2-P1", "product": { "name": "Internet Systems Consortium DHCP \u003c 4.4.2-P1", "product_id": "T019428", "product_identification_helper": { "cpe": "cpe:/a:isc:dhcp:4.4.2-p1" } } } ], "category": "product_name", "name": "DHCP" } ], "category": "vendor", "name": "Internet Systems Consortium" }, { "branches": [ { "category": "product_name", "name": "Open Source Arch Linux", "product": { "name": "Open Source Arch Linux", "product_id": "T013312", "product_identification_helper": { "cpe": "cpe:/o:archlinux:archlinux:-" } } }, { "category": "product_name", "name": "Open Source CentOS", "product": { "name": "Open Source CentOS", "product_id": "1727", "product_identification_helper": { "cpe": "cpe:/o:centos:centos:-" } } } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } }, { "category": "product_name", "name": "Oracle VM 3", "product": { "name": "Oracle VM 3", "product_id": "T019617", "product_identification_helper": { "cpe": "cpe:/a:oracle:vm:3" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-25217", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in Internet Systems Consortium DHCP. Der Fehler besteht im \"ISC DHCP-Paket\" aufgrund eines Puffer\u00fcberlaufs im Code zum Parsen von Lease-Dateien. Ein anonymer Angreifer aus dem benachbarten Netzwerk kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen." } ], "product_status": { "known_affected": [ "T015518", "67646", "T015516", "T013312", "T015127", "T015126", "T012167", "T004914", "T016243", "2951", "T002207", "T000126", "T001663", "T019617", "398363", "1727" ] }, "release_date": "2021-05-26T22:00:00Z", "title": "CVE-2021-25217" } ] }
wid-sec-w-2023-1261
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Internet Systems Consortium (ISC) DHCP ist eine weit verbreitete Client- und Server-Implementierung des Dynamic Host Configuration Protokolls (DHCP) unter Unix. Sie erm\u00f6glicht die automatische Verteilung von IP-Informationen, wie z. B. IP-Adresse, Netzwerkmaske, Defaultgateway vom Server zu Clients.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer aus dem benachbarten Netzwerk kann eine Schwachstelle in Internet Systems Consortium DHCP ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1261 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2023-1261.json" }, { "category": "self", "summary": "WID-SEC-2023-1261 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1261" }, { "category": "external", "summary": "Gentoo Linux Security Advisory GLSA-202305-22 vom 2023-05-21", "url": "https://security.gentoo.org/glsa/202305-22" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2021:1841-1 vom 2021-06-02", "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/008914.html" }, { "category": "external", "summary": "Debian Security Advisory DLA-2674 vom 2021-06-03", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-4969-3 vom 2021-06-07", "url": "https://ubuntu.com/security/notices/USN-4969-3" }, { "category": "external", "summary": "ISC Security Advisory vom 2021-05-26", "url": "https://kb.isc.org/docs/cve-2021-25217" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2021-2359 vom 2021-06-10", "url": "http://linux.oracle.com/errata/ELSA-2021-2359.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2021-2357 vom 2021-06-11", "url": "http://linux.oracle.com/errata/ELSA-2021-2357.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-4969-1 vom 2021-05-27", "url": "https://ubuntu.com/security/notices/USN-4969-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-4969-2 vom 2021-05-27", "url": "https://ubuntu.com/security/notices/USN-4969-2" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2021:1822-1 vom 2021-06-01", "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/008906.html" }, { "category": "external", "summary": "Arch Linux Security Advisory ASA-202106-11 vom 2021-06-01", "url": "https://security.archlinux.org/ASA-202106-11" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2021:14740-1 vom 2021-06-01", "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/008905.html" }, { "category": "external", "summary": "Arch Linux Security Advisory ASA-202106-10 vom 2021-06-01", "url": "https://security.archlinux.org/ASA-202106-10" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2357 vom 2021-06-09", "url": "https://access.redhat.com/errata/RHSA-2021:2357" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2359 vom 2021-06-09", "url": "https://access.redhat.com/errata/RHSA-2021:2359" }, { "category": "external", "summary": "CentOS Security Advisory CESA-2021:2357 vom 2021-06-14", "url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2021-2357-Important-CentOS-7-dhcp-Security-Update-tp4646203.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2418 vom 2021-06-14", "url": "https://access.redhat.com/errata/RHSA-2021:2418" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2420 vom 2021-06-14", "url": "https://access.redhat.com/errata/RHSA-2021:2420" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2419 vom 2021-06-14", "url": "https://access.redhat.com/errata/RHSA-2021:2419" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2414 vom 2021-06-14", "url": "https://access.redhat.com/errata/RHSA-2021:2414" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2416 vom 2021-06-14", "url": "https://access.redhat.com/errata/RHSA-2021:2416" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2405 vom 2021-06-14", "url": "https://access.redhat.com/errata/RHSA-2021:2405" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2415 vom 2021-06-14", "url": "https://access.redhat.com/errata/RHSA-2021:2415" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2021-9314 vom 2021-06-17", "url": "https://linux.oracle.com/errata/ELSA-2021-9314.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2469 vom 2021-06-17", "url": "https://access.redhat.com/errata/RHSA-2021:2469" }, { "category": "external", "summary": "ORACLE OVMSA-2021-0018 vom 2021-06-17", "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2021-June/001018.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2519 vom 2021-06-22", "url": "https://access.redhat.com/errata/RHSA-2021:2519" }, { "category": "external", "summary": "ORACLE OVMSA-2021-0019 vom 2021-06-22", "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2021-June/001019.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2021-1654 vom 2021-06-23", "url": "https://alas.aws.amazon.com/AL2/ALAS-2021-1654.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:2555 vom 2021-07-06", "url": "https://access.redhat.com/errata/RHSA-2021:2555" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2021-1510 vom 2021-07-13", "url": "https://alas.aws.amazon.com/ALAS-2021-1510.html" }, { "category": "external", "summary": "AVAYA Security Advisory ASA-2021-085 vom 2021-07-15", "url": "https://downloads.avaya.com/css/P8/documents/101076672" }, { "category": "external", "summary": "AVAYA Security Advisory ASA-2021-086 vom 2021-07-15", "url": "https://downloads.avaya.com/css/P8/documents/101076674" }, { "category": "external", "summary": "AVAYA Security Advisory ASA-2021-085 vom 2021-07-15", "url": "https://downloads.avaya.com/css/P8/documents/101076673" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:3016 vom 2021-08-06", "url": "https://access.redhat.com/errata/RHSA-2021:3016" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2021:3119 vom 2021-08-10", "url": "https://access.redhat.com/errata/RHSA-2021:3119" }, { "category": "external", "summary": "F5 Security Advisory K08832573 vom 2022-05-20", "url": "https://support.f5.com/csp/article/K08832573" } ], "source_lang": "en-US", "title": "Internet Systems Consortium DHCP: Schwachstelle erm\u00f6glicht Denial of Service", "tracking": { "current_release_date": "2023-05-21T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:28:22.731+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1261", "initial_release_date": "2021-05-26T22:00:00.000+00:00", "revision_history": [ { "date": "2021-05-26T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2021-05-27T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Fedora und Ubuntu aufgenommen" }, { "date": "2021-06-01T22:00:00.000+00:00", "number": "3", "summary": "Neue Updates von SUSE und Arch Linux aufgenommen" }, { "date": "2021-06-03T22:00:00.000+00:00", "number": "4", "summary": "Neue Updates von SUSE und Debian aufgenommen" }, { "date": "2021-06-07T22:00:00.000+00:00", "number": "5", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2021-06-08T22:00:00.000+00:00", "number": "6", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2021-06-10T22:00:00.000+00:00", "number": "7", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2021-06-14T22:00:00.000+00:00", "number": "8", "summary": "Neue Updates von CentOS und Red Hat aufgenommen" }, { "date": "2021-06-16T22:00:00.000+00:00", "number": "9", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2021-06-17T22:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Red Hat und ORACLE aufgenommen" }, { "date": "2021-06-22T22:00:00.000+00:00", "number": "11", "summary": "Neue Updates von Red Hat und ORACLE aufgenommen" }, { "date": "2021-06-23T22:00:00.000+00:00", "number": "12", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2021-07-06T22:00:00.000+00:00", "number": "13", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2021-07-12T22:00:00.000+00:00", "number": "14", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2021-07-18T22:00:00.000+00:00", "number": "15", "summary": "Neue Updates von AVAYA aufgenommen" }, { "date": "2021-08-05T22:00:00.000+00:00", "number": "16", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2021-08-10T22:00:00.000+00:00", "number": "17", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2022-05-22T22:00:00.000+00:00", "number": "18", "summary": "Neue Updates von F5 aufgenommen" }, { "date": "2023-05-21T22:00:00.000+00:00", "number": "19", "summary": "Neue Updates von Gentoo aufgenommen" } ], "status": "final", "version": "19" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "398363", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "category": "product_name", "name": "Avaya Aura Application Enablement Services", "product": { "name": "Avaya Aura Application Enablement Services", "product_id": "T015516", "product_identification_helper": { "cpe": "cpe:/a:avaya:aura_application_enablement_services:-" } } }, { "category": "product_name", "name": "Avaya Aura Communication Manager", "product": { "name": "Avaya Aura Communication Manager", "product_id": "T015126", "product_identification_helper": { "cpe": "cpe:/a:avaya:communication_manager:-" } } }, { "category": "product_name", "name": "Avaya Aura Session Manager", "product": { "name": "Avaya Aura Session Manager", "product_id": "T015127", "product_identification_helper": { "cpe": "cpe:/a:avaya:session_manager:-" } } }, { "category": "product_name", "name": "Avaya Aura System Manager", "product": { "name": "Avaya Aura System Manager", "product_id": "T015518", "product_identification_helper": { "cpe": "cpe:/a:avaya:aura_system_manager:-" } } }, { "category": "product_name", "name": "Avaya Web License Manager", "product": { "name": "Avaya Web License Manager", "product_id": "T016243", "product_identification_helper": { "cpe": "cpe:/a:avaya:web_license_manager:-" } } } ], "category": "vendor", "name": "Avaya" }, { "branches": [ { "category": "product_name", "name": "Debian Linux", "product": { "name": "Debian Linux", "product_id": "2951", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:-" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP", "product": { "name": "F5 BIG-IP", "product_id": "T001663", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip:-" } } } ], "category": "vendor", "name": "F5" }, { "branches": [ { "category": "product_name", "name": "Gentoo Linux", "product": { "name": "Gentoo Linux", "product_id": "T012167", "product_identification_helper": { "cpe": "cpe:/o:gentoo:linux:-" } } } ], "category": "vendor", "name": "Gentoo" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Internet Systems Consortium DHCP \u003c 4.1-ESV-R16-P1", "product": { "name": "Internet Systems Consortium DHCP \u003c 4.1-ESV-R16-P1", "product_id": "T019427", "product_identification_helper": { "cpe": "cpe:/a:isc:dhcp:4.1-esv-r16-p1" } } }, { "category": "product_name", "name": "Internet Systems Consortium DHCP \u003c 4.4.2-P1", "product": { "name": "Internet Systems Consortium DHCP \u003c 4.4.2-P1", "product_id": "T019428", "product_identification_helper": { "cpe": "cpe:/a:isc:dhcp:4.4.2-p1" } } } ], "category": "product_name", "name": "DHCP" } ], "category": "vendor", "name": "Internet Systems Consortium" }, { "branches": [ { "category": "product_name", "name": "Open Source Arch Linux", "product": { "name": "Open Source Arch Linux", "product_id": "T013312", "product_identification_helper": { "cpe": "cpe:/o:archlinux:archlinux:-" } } }, { "category": "product_name", "name": "Open Source CentOS", "product": { "name": "Open Source CentOS", "product_id": "1727", "product_identification_helper": { "cpe": "cpe:/o:centos:centos:-" } } } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } }, { "category": "product_name", "name": "Oracle VM 3", "product": { "name": "Oracle VM 3", "product_id": "T019617", "product_identification_helper": { "cpe": "cpe:/a:oracle:vm:3" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-25217", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in Internet Systems Consortium DHCP. Der Fehler besteht im \"ISC DHCP-Paket\" aufgrund eines Puffer\u00fcberlaufs im Code zum Parsen von Lease-Dateien. Ein anonymer Angreifer aus dem benachbarten Netzwerk kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen." } ], "product_status": { "known_affected": [ "T015518", "67646", "T015516", "T013312", "T015127", "T015126", "T012167", "T004914", "T016243", "2951", "T002207", "T000126", "T001663", "T019617", "398363", "1727" ] }, "release_date": "2021-05-26T22:00:00Z", "title": "CVE-2021-25217" } ] }
WID-SEC-W-2023-0063
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Junos Space ist eine Software-Plattform, die eine Reihe von Applikationen f\u00fcr das Netzwerkmanagement beinhaltet.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Juniper Junos Space ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern.", "title": "Angriff" }, { "category": "general", "text": "- Juniper Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0063 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-0063.json" }, { "category": "self", "summary": "WID-SEC-2023-0063 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0063" }, { "category": "external", "summary": "Juniper Security Advisory JSA70182 vom 2023-01-12", "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Contrail-Service-Orchestration-Multiple-vulnerabilities-resolved-in-CSO-6-3-0?language=en_US" }, { "category": "external", "summary": "Juniper Security Advisory vom 2022-01-12", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11287\u0026cat=SIRT_1" } ], "source_lang": "en-US", "title": "Juniper Junos Space: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-01-11T23:00:00.000+00:00", "generator": { "date": "2024-02-15T17:09:11.163+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-0063", "initial_release_date": "2022-01-12T23:00:00.000+00:00", "revision_history": [ { "date": "2022-01-12T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-01-11T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Juniper aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Juniper Contrail Service Orchestration", "product": { "name": "Juniper Contrail Service Orchestration", "product_id": "T025794", "product_identification_helper": { "cpe": "cpe:/a:juniper:contrail_service_orchestration:-" } } }, { "category": "product_name", "name": "Juniper Junos Space \u003c 21.3R1", "product": { "name": "Juniper Junos Space \u003c 21.3R1", "product_id": "T021576", "product_identification_helper": { "cpe": "cpe:/a:juniper:junos_space:21.3r1" } } } ], "category": "vendor", "name": "Juniper" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-17543", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2019-17543" }, { "cve": "CVE-2019-20934", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2019-20934" }, { "cve": "CVE-2020-0543", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-0543" }, { "cve": "CVE-2020-0548", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-0548" }, { "cve": "CVE-2020-0549", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-0549" }, { "cve": "CVE-2020-11022", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11022" }, { "cve": "CVE-2020-11023", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11023" }, { "cve": "CVE-2020-11668", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11668" }, { "cve": "CVE-2020-11984", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11984" }, { "cve": "CVE-2020-11993", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-11993" }, { "cve": "CVE-2020-12362", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-12362" }, { "cve": "CVE-2020-12363", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-12363" }, { "cve": "CVE-2020-12364", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-12364" }, { "cve": "CVE-2020-1927", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-1927" }, { "cve": "CVE-2020-1934", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-1934" }, { "cve": "CVE-2020-24489", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-24489" }, { "cve": "CVE-2020-24511", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-24511" }, { "cve": "CVE-2020-24512", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-24512" }, { "cve": "CVE-2020-27170", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-27170" }, { "cve": "CVE-2020-27777", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-27777" }, { "cve": "CVE-2020-29443", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-29443" }, { "cve": "CVE-2020-8625", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8625" }, { "cve": "CVE-2020-8648", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8648" }, { "cve": "CVE-2020-8695", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8695" }, { "cve": "CVE-2020-8696", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8696" }, { "cve": "CVE-2020-8698", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-8698" }, { "cve": "CVE-2020-9490", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2020-9490" }, { "cve": "CVE-2021-20254", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-20254" }, { "cve": "CVE-2021-22555", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-22555" }, { "cve": "CVE-2021-22901", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-22901" }, { "cve": "CVE-2021-2341", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2341" }, { "cve": "CVE-2021-2342", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2342" }, { "cve": "CVE-2021-2356", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2356" }, { "cve": "CVE-2021-2369", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2369" }, { "cve": "CVE-2021-2372", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2372" }, { "cve": "CVE-2021-2385", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2385" }, { "cve": "CVE-2021-2388", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2388" }, { "cve": "CVE-2021-2389", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2389" }, { "cve": "CVE-2021-2390", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-2390" }, { "cve": "CVE-2021-25214", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-25214" }, { "cve": "CVE-2021-25217", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-25217" }, { "cve": "CVE-2021-27219", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-27219" }, { "cve": "CVE-2021-29154", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-29154" }, { "cve": "CVE-2021-29650", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-29650" }, { "cve": "CVE-2021-31535", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-31535" }, { "cve": "CVE-2021-32399", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-32399" }, { "cve": "CVE-2021-33033", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-33033" }, { "cve": "CVE-2021-33034", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-33034" }, { "cve": "CVE-2021-3347", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3347" }, { "cve": "CVE-2021-33909", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-33909" }, { "cve": "CVE-2021-3653", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3653" }, { "cve": "CVE-2021-3656", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3656" }, { "cve": "CVE-2021-3715", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-3715" }, { "cve": "CVE-2021-37576", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-37576" }, { "cve": "CVE-2021-4104", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-4104" }, { "cve": "CVE-2021-42550", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-42550" }, { "cve": "CVE-2021-44228", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-44228" }, { "cve": "CVE-2021-45046", "notes": [ { "category": "description", "text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T025794" ] }, "release_date": "2022-01-12T23:00:00Z", "title": "CVE-2021-45046" } ] }
icsa-22-258-05
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "organization": "Siemens", "summary": "reporting these vulnerabilities to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition, disclose sensitive data, or violate the system integrity.", "title": "Risk evaluation" }, { "category": "other", "text": "Multiple", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Germany", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "other", "text": "No known public exploits specifically target these vulnerabilities.", "title": "Exploitability" } ], "publisher": { "category": "coordinator", "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "external", "summary": "SSA-637483 Third-Party Component Vulnerabilities in SINEC INS before V1.0 SP2 - CSAF Version", "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-637483.json" }, { "category": "self", "summary": "ICS Advisory ICSA-22-258-05 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-258-05.json" }, { "category": "self", "summary": "ICS Advisory ICSA-22-258-05 Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-258-05" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-258-05" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "SSA-637483 Third-Party Component Vulnerabilities in SINEC INS before V1.0 SP2 - PDF Version", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf" }, { "category": "external", "summary": "SSA-637483 Third-Party Component Vulnerabilities in SINEC INS before V1.0 SP2 - TXT Version", "url": "https://cert-portal.siemens.com/productcert/txt/ssa-637483.txt" } ], "title": "Siemens SINEC INS", "tracking": { "current_release_date": "2022-09-15T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-22-258-05", "initial_release_date": "2022-09-15T00:00:00.000000Z", "revision_history": [ { "date": "2022-09-15T00:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "Publication Date" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c V1.0 SP2", "product": { "name": "SINEC INS", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "SINEC INS" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-7793", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7793" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2020-7793" }, { "cve": "CVE-2020-12762", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12762" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2020-12762" }, { "cve": "CVE-2020-28168", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "notes": [ { "category": "summary", "text": "Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-28168" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2020-28168" }, { "cve": "CVE-2020-28500", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-28500" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2020-28500" }, { "cve": "CVE-2021-3749", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "axios is vulnerable to Inefficient Regular Expression Complexity", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3749" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2021-3749" }, { "cve": "CVE-2021-4160", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4160" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2021-4160" }, { "cve": "CVE-2021-23337", "cwe": { "id": "CWE-77", "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)" }, "notes": [ { "category": "summary", "text": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23337" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2021-23337" }, { "cve": "CVE-2021-23839", "cwe": { "id": "CWE-326", "name": "Inadequate Encryption Strength" }, "notes": [ { "category": "summary", "text": "OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23839" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2021-23839" }, { "cve": "CVE-2021-23841", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23841" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2021-23841" }, { "cve": "CVE-2021-25217", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "The affected products contain the third party component, ISC DHCP, that possesses a vulnerability if used as a DHCP client or server. The vulnerability affects the DHCP package when storing and reading DHCP lease information containing particular option information.\r\n\r\nAn attacker could exploit this vulnerability to affect the availability of the DHCP client or server, or in the worst case affect the confidentiality or integrity of device through a buffer overflow or cause a remote-code execution.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-25217" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2021-25217" }, { "cve": "CVE-2021-25220", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "BIND 9.11.0 -\u003e 9.11.36 9.12.0 -\u003e 9.16.26 9.17.0 -\u003e 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -\u003e 9.11.36-S1 9.16.8-S1 -\u003e 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-25220" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.6, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2021-25220" }, { "cve": "CVE-2022-0155", "cwe": { "id": "CWE-359", "name": "Exposure of Private Personal Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0155" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2022-0155" }, { "cve": "CVE-2022-0235", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "notes": [ { "category": "summary", "text": "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0235" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2022-0235" }, { "cve": "CVE-2022-0396", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "summary", "text": "BIND 9.16.11 -\u003e 9.16.26, 9.17.0 -\u003e 9.18.0 and versions 9.16.11-S1 -\u003e 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0396" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2022-0396" } ] }
ICSA-22-258-05
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "organization": "Siemens", "summary": "reporting these vulnerabilities to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition, disclose sensitive data, or violate the system integrity.", "title": "Risk evaluation" }, { "category": "other", "text": "Multiple", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Germany", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "other", "text": "No known public exploits specifically target these vulnerabilities.", "title": "Exploitability" } ], "publisher": { "category": "coordinator", "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "external", "summary": "SSA-637483 Third-Party Component Vulnerabilities in SINEC INS before V1.0 SP2 - CSAF Version", "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-637483.json" }, { "category": "self", "summary": "ICS Advisory ICSA-22-258-05 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-258-05.json" }, { "category": "self", "summary": "ICS Advisory ICSA-22-258-05 Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-258-05" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-258-05" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "SSA-637483 Third-Party Component Vulnerabilities in SINEC INS before V1.0 SP2 - PDF Version", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf" }, { "category": "external", "summary": "SSA-637483 Third-Party Component Vulnerabilities in SINEC INS before V1.0 SP2 - TXT Version", "url": "https://cert-portal.siemens.com/productcert/txt/ssa-637483.txt" } ], "title": "Siemens SINEC INS", "tracking": { "current_release_date": "2022-09-15T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-22-258-05", "initial_release_date": "2022-09-15T00:00:00.000000Z", "revision_history": [ { "date": "2022-09-15T00:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "Publication Date" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c V1.0 SP2", "product": { "name": "SINEC INS", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "SINEC INS" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-7793", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7793" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2020-7793" }, { "cve": "CVE-2020-12762", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12762" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2020-12762" }, { "cve": "CVE-2020-28168", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "notes": [ { "category": "summary", "text": "Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-28168" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2020-28168" }, { "cve": "CVE-2020-28500", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-28500" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2020-28500" }, { "cve": "CVE-2021-3749", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "axios is vulnerable to Inefficient Regular Expression Complexity", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3749" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2021-3749" }, { "cve": "CVE-2021-4160", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4160" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2021-4160" }, { "cve": "CVE-2021-23337", "cwe": { "id": "CWE-77", "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)" }, "notes": [ { "category": "summary", "text": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23337" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2021-23337" }, { "cve": "CVE-2021-23839", "cwe": { "id": "CWE-326", "name": "Inadequate Encryption Strength" }, "notes": [ { "category": "summary", "text": "OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23839" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2021-23839" }, { "cve": "CVE-2021-23841", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23841" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2021-23841" }, { "cve": "CVE-2021-25217", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "The affected products contain the third party component, ISC DHCP, that possesses a vulnerability if used as a DHCP client or server. The vulnerability affects the DHCP package when storing and reading DHCP lease information containing particular option information.\r\n\r\nAn attacker could exploit this vulnerability to affect the availability of the DHCP client or server, or in the worst case affect the confidentiality or integrity of device through a buffer overflow or cause a remote-code execution.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-25217" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2021-25217" }, { "cve": "CVE-2021-25220", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "BIND 9.11.0 -\u003e 9.11.36 9.12.0 -\u003e 9.16.26 9.17.0 -\u003e 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -\u003e 9.11.36-S1 9.16.8-S1 -\u003e 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-25220" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.6, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2021-25220" }, { "cve": "CVE-2022-0155", "cwe": { "id": "CWE-359", "name": "Exposure of Private Personal Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0155" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2022-0155" }, { "cve": "CVE-2022-0235", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "notes": [ { "category": "summary", "text": "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0235" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2022-0235" }, { "cve": "CVE-2022-0396", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "summary", "text": "BIND 9.16.11 -\u003e 9.16.26, 9.17.0 -\u003e 9.18.0 and versions 9.16.11-S1 -\u003e 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0396" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "vendor_fix", "details": "Update to V1.0 SP2 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2022-0396" } ] }
var-202105-1325
Vulnerability from variot
In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted. There is a discrepancy between the code that handles encapsulated option information in leases transmitted "on the wire" and the code which reads and parses lease information after it has been written to disk storage. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability. (CVE-2021-25217). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: dhcp security update Advisory ID: RHSA-2021:2469-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2469 Issue date: 2021-06-17 CVE Names: CVE-2021-25217 =====================================================================
- Summary:
An update for dhcp is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.6) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.6) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.6) - x86_64
- Description:
The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.
Security Fix(es):
- dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1963258 - CVE-2021-25217 dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient
- Package List:
Red Hat Enterprise Linux Server AUS (v. 7.6):
Source: dhcp-4.2.5-69.el7_6.1.src.rpm
x86_64: dhclient-4.2.5-69.el7_6.1.x86_64.rpm dhcp-4.2.5-69.el7_6.1.x86_64.rpm dhcp-common-4.2.5-69.el7_6.1.x86_64.rpm dhcp-debuginfo-4.2.5-69.el7_6.1.i686.rpm dhcp-debuginfo-4.2.5-69.el7_6.1.x86_64.rpm dhcp-libs-4.2.5-69.el7_6.1.i686.rpm dhcp-libs-4.2.5-69.el7_6.1.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.6):
Source: dhcp-4.2.5-69.el7_6.1.src.rpm
ppc64le: dhclient-4.2.5-69.el7_6.1.ppc64le.rpm dhcp-4.2.5-69.el7_6.1.ppc64le.rpm dhcp-common-4.2.5-69.el7_6.1.ppc64le.rpm dhcp-debuginfo-4.2.5-69.el7_6.1.ppc64le.rpm dhcp-libs-4.2.5-69.el7_6.1.ppc64le.rpm
x86_64: dhclient-4.2.5-69.el7_6.1.x86_64.rpm dhcp-4.2.5-69.el7_6.1.x86_64.rpm dhcp-common-4.2.5-69.el7_6.1.x86_64.rpm dhcp-debuginfo-4.2.5-69.el7_6.1.i686.rpm dhcp-debuginfo-4.2.5-69.el7_6.1.x86_64.rpm dhcp-libs-4.2.5-69.el7_6.1.i686.rpm dhcp-libs-4.2.5-69.el7_6.1.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.6):
Source: dhcp-4.2.5-69.el7_6.1.src.rpm
x86_64: dhclient-4.2.5-69.el7_6.1.x86_64.rpm dhcp-4.2.5-69.el7_6.1.x86_64.rpm dhcp-common-4.2.5-69.el7_6.1.x86_64.rpm dhcp-debuginfo-4.2.5-69.el7_6.1.i686.rpm dhcp-debuginfo-4.2.5-69.el7_6.1.x86_64.rpm dhcp-libs-4.2.5-69.el7_6.1.i686.rpm dhcp-libs-4.2.5-69.el7_6.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.6):
x86_64: dhcp-debuginfo-4.2.5-69.el7_6.1.i686.rpm dhcp-debuginfo-4.2.5-69.el7_6.1.x86_64.rpm dhcp-devel-4.2.5-69.el7_6.1.i686.rpm dhcp-devel-4.2.5-69.el7_6.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.6):
ppc64le: dhcp-debuginfo-4.2.5-69.el7_6.1.ppc64le.rpm dhcp-devel-4.2.5-69.el7_6.1.ppc64le.rpm
x86_64: dhcp-debuginfo-4.2.5-69.el7_6.1.i686.rpm dhcp-debuginfo-4.2.5-69.el7_6.1.x86_64.rpm dhcp-devel-4.2.5-69.el7_6.1.i686.rpm dhcp-devel-4.2.5-69.el7_6.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.6):
x86_64: dhcp-debuginfo-4.2.5-69.el7_6.1.i686.rpm dhcp-debuginfo-4.2.5-69.el7_6.1.x86_64.rpm dhcp-devel-4.2.5-69.el7_6.1.i686.rpm dhcp-devel-4.2.5-69.el7_6.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-25217 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYMs0KtzjgjWX9erEAQis7xAAhh3MBohMBq6bZd6sPasNG4rPX+Xh5AWf D+6WNTQLV1u1IU4ZzGKVMtBNSfCd8m727z/L0d4wBof06ngUXHkdR4AEzn5uuWSz lHzlgbpmvqxeBnXrHOG1WE43JNXHSsj0u8eARsLxEU4/rxnbLVOj5dMJkdWmXN61 DocHHFVw6GmdZSCr6/tLjvG57fWtVLQF4SpEdhXz55iNZ1l6y09FDtoom/FuXIcG VnsUpsu/iWMFaUaVQH3sFVLksl39IrHFQxvskXR+FHAPzb8vVuKyNihJ5b3BUhfh jTUKPxLO+X0/K9+cNFVSuSTPr7eHpRRHdUbFIHcUB0s1ACOnmvHr6G8FaVAi9BQZ 6hzWcOFOZS7fF4TnXF3q0yDAKApRwlyF1PP21u1XdCb17Z4+E2LZF0nqnbb3hCxV JfnsadNc2Re/gc3u1bOGQb56ylc7LC74BeMDoJSeldqdPeT5JUc8XRRCyWHjVcjD Bj1kD90FbD3Z3jRAvASgKg4KU1xqEZidHyL/qHo9YTS0h9lqc2iWb0n3/4RU0E8k OuNPpWxkzt1uGQl3iJbQH4TOsIQtqoDFOaCaPMbol44fnm69Q52zRBBr6AHVhEcY iOpTa2PUFK3FLfhkfUCHcCRVXqXeewefcODTWs2Jwx6/sl7nsZpWMNlV8+rdUmXR BuvubM0bUt8= =mdD7 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 6 ELS) - i386, s390x, x86_64
- These packages include redhat-release-virtualization-host. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor
- Solution:
For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -cli.html
- ========================================================================= Ubuntu Security Notice USN-4969-2 May 27, 2021
isc-dhcp vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
DHCP could be made to crash if it received specially crafted network traffic.
Software Description: - isc-dhcp: DHCP server and client
Details:
USN-4969-1 fixed a vulnerability in DHCP. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly handled lease file parsing. A remote attacker could possibly use this issue to cause DHCP to crash, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: isc-dhcp-client 4.3.3-5ubuntu12.10+esm1 isc-dhcp-server 4.3.3-5ubuntu12.10+esm1
Ubuntu 14.04 ESM: isc-dhcp-client 4.2.4-7ubuntu12.13+esm1 isc-dhcp-server 4.2.4-7ubuntu12.13+esm1
In general, a standard system update will make all the necessary changes. 7.7) - ppc64, ppc64le, s390x, x86_64
-
8) - aarch64, noarch, ppc64le, s390x, x86_64
-
Description:
Red Hat Advanced Cluster Management for Kubernetes 2.3.0 images
Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana gement_for_kubernetes/2.3/html/release_notes/
Security:
-
fastify-reply-from: crafted URL allows prefix scape of the proxied backend service (CVE-2021-21321)
-
fastify-http-proxy: crafted URL allows prefix scape of the proxied backend service (CVE-2021-21322)
-
nodejs-netmask: improper input validation of octal input data (CVE-2021-28918)
-
redis: Integer overflow via STRALGO LCS command (CVE-2021-29477)
-
redis: Integer overflow via COPY command for large intsets (CVE-2021-29478)
-
nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)
-
nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions (CVE-2020-28500)
-
golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing
-
-u- extension (CVE-2020-28851)
-
golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852)
-
nodejs-ansi_up: XSS due to insufficient URL sanitization (CVE-2021-3377)
-
oras: zip-slip vulnerability via oras-pull (CVE-2021-21272)
-
redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms (CVE-2021-21309)
-
nodejs-lodash: command injection via template (CVE-2021-23337)
-
nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl() (CVE-2021-23362)
-
browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS) (CVE-2021-23364)
-
nodejs-postcss: Regular expression denial of service during source map parsing (CVE-2021-23368)
-
nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option (CVE-2021-23369)
-
nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js (CVE-2021-23382)
-
nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option (CVE-2021-23383)
-
openssl: integer overflow in CipherUpdate (CVE-2021-23840)
-
openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)
-
nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)
-
grafana: snapshot feature allow an unauthenticated remote attacker to trigger a DoS via a remote API call (CVE-2021-27358)
-
nodejs-is-svg: ReDoS via malicious string (CVE-2021-28092)
-
nodejs-netmask: incorrectly parses an IP address that has octal integer with invalid character (CVE-2021-29418)
-
ulikunitz/xz: Infinite loop in readUvarint allows for denial of service (CVE-2021-29482)
-
normalize-url: ReDoS for data URLs (CVE-2021-33502)
-
nodejs-trim-newlines: ReDoS in .end() method (CVE-2021-33623)
-
nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe (CVE-2021-23343)
-
html-parse-stringify: Regular Expression DoS (CVE-2021-23346)
-
openssl: incorrect SSLv2 rollback protection (CVE-2021-23839)
For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section.
Bugs:
-
RFE Make the source code for the endpoint-metrics-operator public (BZ# 1913444)
-
cluster became offline after apiserver health check (BZ# 1942589)
-
Bugs fixed (https://bugzilla.redhat.com/):
1913333 - CVE-2020-28851 golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension 1913338 - CVE-2020-28852 golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag 1913444 - RFE Make the source code for the endpoint-metrics-operator public 1921286 - CVE-2021-21272 oras: zip-slip vulnerability via oras-pull 1927520 - RHACM 2.3.0 images 1928937 - CVE-2021-23337 nodejs-lodash: command injection via template 1928954 - CVE-2020-28500 nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions 1930294 - CVE-2021-23839 openssl: incorrect SSLv2 rollback protection 1930310 - CVE-2021-23841 openssl: NULL pointer dereference in X509_issuer_and_serial_hash() 1930324 - CVE-2021-23840 openssl: integer overflow in CipherUpdate 1932634 - CVE-2021-21309 redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms 1936427 - CVE-2021-3377 nodejs-ansi_up: XSS due to insufficient URL sanitization 1939103 - CVE-2021-28092 nodejs-is-svg: ReDoS via malicious string 1940196 - View Resource YAML option shows 404 error when reviewing a Subscription for an application 1940613 - CVE-2021-27292 nodejs-ua-parser-js: ReDoS via malicious User-Agent header 1941024 - CVE-2021-27358 grafana: snapshot feature allow an unauthenticated remote attacker to trigger a DoS via a remote API call 1941675 - CVE-2021-23346 html-parse-stringify: Regular Expression DoS 1942178 - CVE-2021-21321 fastify-reply-from: crafted URL allows prefix scape of the proxied backend service 1942182 - CVE-2021-21322 fastify-http-proxy: crafted URL allows prefix scape of the proxied backend service 1942589 - cluster became offline after apiserver health check 1943208 - CVE-2021-23362 nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl() 1944822 - CVE-2021-29418 nodejs-netmask: incorrectly parses an IP address that has octal integer with invalid character 1944827 - CVE-2021-28918 nodejs-netmask: improper input validation of octal input data 1945459 - CVE-2020-28469 nodejs-glob-parent: Regular expression denial of service 1948761 - CVE-2021-23369 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option 1948763 - CVE-2021-23368 nodejs-postcss: Regular expression denial of service during source map parsing 1954150 - CVE-2021-23382 nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js 1954368 - CVE-2021-29482 ulikunitz/xz: Infinite loop in readUvarint allows for denial of service 1955619 - CVE-2021-23364 browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS) 1956688 - CVE-2021-23383 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option 1956818 - CVE-2021-23343 nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe 1957410 - CVE-2021-29477 redis: Integer overflow via STRALGO LCS command 1957414 - CVE-2021-29478 redis: Integer overflow via COPY command for large intsets 1964461 - CVE-2021-33502 normalize-url: ReDoS for data URLs 1966615 - CVE-2021-33623 nodejs-trim-newlines: ReDoS in .end() method 1968122 - clusterdeployment fails because hiveadmission sc does not have correct permissions 1972703 - Subctl fails to join cluster, since it cannot auto-generate a valid cluster id 1983131 - Defragmenting an etcd member doesn't reduce the DB size (7.5GB) on a setup with ~1000 spoke clusters
-
Gentoo Linux Security Advisory GLSA 202305-22
https://security.gentoo.org/
Severity: Normal Title: ISC DHCP: Multiple Vulnerabilities Date: May 03, 2023 Bugs: #875521, #792324 ID: 202305-22
Synopsis
Multiple vulnerabilities have been discovered in ISC DHCP, the worst of which could result in denial of service.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/dhcp < 4.4.3_p1 >= 4.4.3_p1
Description
Multiple vulnerabilities have been discovered in ISC DHCP. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All ISC DHCP users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/dhcp-4.4.3_p1"
References
[ 1 ] CVE-2021-25217 https://nvd.nist.gov/vuln/detail/CVE-2021-25217 [ 2 ] CVE-2022-2928 https://nvd.nist.gov/vuln/detail/CVE-2022-2928 [ 3 ] CVE-2022-2929 https://nvd.nist.gov/vuln/detail/CVE-2022-2929
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202305-22
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202105-1325", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "dhcp", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "4.1-esv" }, { "model": "ruggedcom rox rx1500", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.15.0" }, { "model": "ruggedcom rox rx1511", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.3.0" }, { "model": "ruggedcom rox rx1400", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.15.0" }, { "model": "ruggedcom rox rx1536", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.15.0" }, { "model": "ruggedcom rox rx5000", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.15.0" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "9.0" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "34" }, { "model": "ruggedcom rox rx1512", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.15.0" }, { "model": "ruggedcom rox rx5000", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.3.0" }, { "model": "dhcp", "scope": "lte", "trust": 1.0, "vendor": "isc", "version": "4.4.2" }, { "model": "ruggedcom rox rx1524", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.15.0" }, { "model": "ruggedcom rox rx1501", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.3.0" }, { "model": "ruggedcom rox rx1501", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.15.0" }, { "model": "ruggedcom rox rx1510", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.15.0" }, { "model": "ruggedcom rox mx5000", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.3.0" }, { "model": "ruggedcom rox rx1512", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.3.0" }, { "model": "ruggedcom rox mx5000", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.15.0" }, { "model": "ontap select deploy administration utility", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "solidfire \\\u0026 hci management node", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "ruggedcom rox rx1510", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.3.0" }, { "model": "sinec ins", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "1.0" }, { "model": "ruggedcom rox rx1500", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.3.0" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "33" }, { "model": "ruggedcom rox rx1511", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.15.0" }, { "model": "dhcp", "scope": "gte", "trust": 1.0, "vendor": "isc", "version": "4.4.0" }, { "model": "sinec ins", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.0" } ], "sources": [ { "db": "NVD", "id": "CVE-2021-25217" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r12:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r11_b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r10_b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r12_b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r10_rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r12_p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r13:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r13_b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r14:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r14_b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r15:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r10b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r10rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r11b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r11rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r11rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r12-p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r12b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r13b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r14b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r16:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.4.2", "versionStartIncluding": "4.4.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r15-p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r15_b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:solidfire_\\\u0026_hci_management_node:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-25217" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat", "sources": [ { "db": "PACKETSTORM", "id": "163196" }, { "db": "PACKETSTORM", "id": "163151" }, { "db": "PACKETSTORM", "id": "163240" }, { "db": "PACKETSTORM", "id": "163400" }, { "db": "PACKETSTORM", "id": "163129" }, { "db": "PACKETSTORM", "id": "163137" }, { "db": "PACKETSTORM", "id": "163140" }, { "db": "PACKETSTORM", "id": "163052" }, { "db": "PACKETSTORM", "id": "163747" } ], "trust": 0.9 }, "cve": "CVE-2021-25217", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 3.3, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "PARTIAL", "baseScore": 3.3, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CVE-2021-25217", "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "LOW", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "impactScore": 4.0, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-25217", "trust": 1.0, "value": "HIGH" }, { "author": "security-officer@isc.org", "id": "CVE-2021-25217", "trust": 1.0, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2021-25217", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-25217" }, { "db": "NVD", "id": "CVE-2021-25217" }, { "db": "NVD", "id": "CVE-2021-25217" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "In ISC DHCP 4.1-ESV-R1 -\u003e 4.1-ESV-R16, ISC DHCP 4.4.0 -\u003e 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted. There is a discrepancy between the code that handles encapsulated option information in leases transmitted \"on the wire\" and the code which reads and parses lease information after it has been written to disk storage. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability. (CVE-2021-25217). -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: dhcp security update\nAdvisory ID: RHSA-2021:2469-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:2469\nIssue date: 2021-06-17\nCVE Names: CVE-2021-25217 \n=====================================================================\n\n1. Summary:\n\nAn update for dhcp is now available for Red Hat Enterprise Linux 7.6\nAdvanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update\nSupport, and Red Hat Enterprise Linux 7.6 Update Services for SAP\nSolutions. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 7.6) - x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.6) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.6) - x86_64\nRed Hat Enterprise Linux Server Optional E4S (v. 7.6) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 7.6) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.6) - x86_64\n\n3. Description:\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows\nindividual devices on an IP network to get their own network configuration\ninformation, including an IP address, a subnet mask, and a broadcast\naddress. The dhcp packages provide a relay agent and ISC DHCP service\nrequired to enable and administer DHCP on a network. \n\nSecurity Fix(es):\n\n* dhcp: stack-based buffer overflow when parsing statements with\ncolon-separated hex digits in config or lease files in dhcpd and dhclient\n(CVE-2021-25217)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1963258 - CVE-2021-25217 dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient\n\n6. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 7.6):\n\nSource:\ndhcp-4.2.5-69.el7_6.1.src.rpm\n\nx86_64:\ndhclient-4.2.5-69.el7_6.1.x86_64.rpm\ndhcp-4.2.5-69.el7_6.1.x86_64.rpm\ndhcp-common-4.2.5-69.el7_6.1.x86_64.rpm\ndhcp-debuginfo-4.2.5-69.el7_6.1.i686.rpm\ndhcp-debuginfo-4.2.5-69.el7_6.1.x86_64.rpm\ndhcp-libs-4.2.5-69.el7_6.1.i686.rpm\ndhcp-libs-4.2.5-69.el7_6.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.6):\n\nSource:\ndhcp-4.2.5-69.el7_6.1.src.rpm\n\nppc64le:\ndhclient-4.2.5-69.el7_6.1.ppc64le.rpm\ndhcp-4.2.5-69.el7_6.1.ppc64le.rpm\ndhcp-common-4.2.5-69.el7_6.1.ppc64le.rpm\ndhcp-debuginfo-4.2.5-69.el7_6.1.ppc64le.rpm\ndhcp-libs-4.2.5-69.el7_6.1.ppc64le.rpm\n\nx86_64:\ndhclient-4.2.5-69.el7_6.1.x86_64.rpm\ndhcp-4.2.5-69.el7_6.1.x86_64.rpm\ndhcp-common-4.2.5-69.el7_6.1.x86_64.rpm\ndhcp-debuginfo-4.2.5-69.el7_6.1.i686.rpm\ndhcp-debuginfo-4.2.5-69.el7_6.1.x86_64.rpm\ndhcp-libs-4.2.5-69.el7_6.1.i686.rpm\ndhcp-libs-4.2.5-69.el7_6.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.6):\n\nSource:\ndhcp-4.2.5-69.el7_6.1.src.rpm\n\nx86_64:\ndhclient-4.2.5-69.el7_6.1.x86_64.rpm\ndhcp-4.2.5-69.el7_6.1.x86_64.rpm\ndhcp-common-4.2.5-69.el7_6.1.x86_64.rpm\ndhcp-debuginfo-4.2.5-69.el7_6.1.i686.rpm\ndhcp-debuginfo-4.2.5-69.el7_6.1.x86_64.rpm\ndhcp-libs-4.2.5-69.el7_6.1.i686.rpm\ndhcp-libs-4.2.5-69.el7_6.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.6):\n\nx86_64:\ndhcp-debuginfo-4.2.5-69.el7_6.1.i686.rpm\ndhcp-debuginfo-4.2.5-69.el7_6.1.x86_64.rpm\ndhcp-devel-4.2.5-69.el7_6.1.i686.rpm\ndhcp-devel-4.2.5-69.el7_6.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional E4S (v. 7.6):\n\nppc64le:\ndhcp-debuginfo-4.2.5-69.el7_6.1.ppc64le.rpm\ndhcp-devel-4.2.5-69.el7_6.1.ppc64le.rpm\n\nx86_64:\ndhcp-debuginfo-4.2.5-69.el7_6.1.i686.rpm\ndhcp-debuginfo-4.2.5-69.el7_6.1.x86_64.rpm\ndhcp-devel-4.2.5-69.el7_6.1.i686.rpm\ndhcp-devel-4.2.5-69.el7_6.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 7.6):\n\nx86_64:\ndhcp-debuginfo-4.2.5-69.el7_6.1.i686.rpm\ndhcp-debuginfo-4.2.5-69.el7_6.1.x86_64.rpm\ndhcp-devel-4.2.5-69.el7_6.1.i686.rpm\ndhcp-devel-4.2.5-69.el7_6.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-25217\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYMs0KtzjgjWX9erEAQis7xAAhh3MBohMBq6bZd6sPasNG4rPX+Xh5AWf\nD+6WNTQLV1u1IU4ZzGKVMtBNSfCd8m727z/L0d4wBof06ngUXHkdR4AEzn5uuWSz\nlHzlgbpmvqxeBnXrHOG1WE43JNXHSsj0u8eARsLxEU4/rxnbLVOj5dMJkdWmXN61\nDocHHFVw6GmdZSCr6/tLjvG57fWtVLQF4SpEdhXz55iNZ1l6y09FDtoom/FuXIcG\nVnsUpsu/iWMFaUaVQH3sFVLksl39IrHFQxvskXR+FHAPzb8vVuKyNihJ5b3BUhfh\njTUKPxLO+X0/K9+cNFVSuSTPr7eHpRRHdUbFIHcUB0s1ACOnmvHr6G8FaVAi9BQZ\n6hzWcOFOZS7fF4TnXF3q0yDAKApRwlyF1PP21u1XdCb17Z4+E2LZF0nqnbb3hCxV\nJfnsadNc2Re/gc3u1bOGQb56ylc7LC74BeMDoJSeldqdPeT5JUc8XRRCyWHjVcjD\nBj1kD90FbD3Z3jRAvASgKg4KU1xqEZidHyL/qHo9YTS0h9lqc2iWb0n3/4RU0E8k\nOuNPpWxkzt1uGQl3iJbQH4TOsIQtqoDFOaCaPMbol44fnm69Q52zRBBr6AHVhEcY\niOpTa2PUFK3FLfhkfUCHcCRVXqXeewefcODTWs2Jwx6/sl7nsZpWMNlV8+rdUmXR\nBuvubM0bUt8=\n=mdD7\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. 6 ELS) - i386, s390x, x86_64\n\n3. \nThese packages include redhat-release-virtualization-host. \nRHVH features a Cockpit user interface for monitoring the host\u0027s resources\nand\nperforming administrative tasks. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. Description:\n\nRed Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments. \n\nAll OpenShift Container Platform 4.7 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster\n- -between-minor.html#understanding-upgrade-channels_updating-cluster-between\n- -minor\n\n4. Solution:\n\nFor OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel\nease-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster\n- -cli.html\n\n5. =========================================================================\nUbuntu Security Notice USN-4969-2\nMay 27, 2021\n\nisc-dhcp vulnerability\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 ESM\n- Ubuntu 14.04 ESM\n\nSummary:\n\nDHCP could be made to crash if it received specially crafted network\ntraffic. \n\nSoftware Description:\n- isc-dhcp: DHCP server and client\n\nDetails:\n\nUSN-4969-1 fixed a vulnerability in DHCP. This update provides\nthe corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. \n\n\nOriginal advisory details:\n\n Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly\n handled lease file parsing. A remote attacker could possibly use this issue\n to cause DHCP to crash, resulting in a denial of service. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 ESM:\n isc-dhcp-client 4.3.3-5ubuntu12.10+esm1\n isc-dhcp-server 4.3.3-5ubuntu12.10+esm1\n\nUbuntu 14.04 ESM:\n isc-dhcp-client 4.2.4-7ubuntu12.13+esm1\n isc-dhcp-server 4.2.4-7ubuntu12.13+esm1\n\nIn general, a standard system update will make all the necessary changes. 7.7) - ppc64, ppc64le, s390x, x86_64\n\n3. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. Description:\n\nRed Hat Advanced Cluster Management for Kubernetes 2.3.0 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in. See\nthe following Release Notes documentation, which will be updated shortly\nfor this release, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana\ngement_for_kubernetes/2.3/html/release_notes/\n\nSecurity:\n\n* fastify-reply-from: crafted URL allows prefix scape of the proxied\nbackend service (CVE-2021-21321)\n\n* fastify-http-proxy: crafted URL allows prefix scape of the proxied\nbackend service (CVE-2021-21322)\n\n* nodejs-netmask: improper input validation of octal input data\n(CVE-2021-28918)\n\n* redis: Integer overflow via STRALGO LCS command (CVE-2021-29477)\n\n* redis: Integer overflow via COPY command for large intsets\n(CVE-2021-29478)\n\n* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n* nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions\n(CVE-2020-28500)\n\n* golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing\n- -u- extension (CVE-2020-28851)\n\n* golang.org/x/text: Panic in language.ParseAcceptLanguage while processing\nbcp47 tag (CVE-2020-28852)\n\n* nodejs-ansi_up: XSS due to insufficient URL sanitization (CVE-2021-3377)\n\n* oras: zip-slip vulnerability via oras-pull (CVE-2021-21272)\n\n* redis: integer overflow when configurable limit for maximum supported\nbulk input size is too big on 32-bit platforms (CVE-2021-21309)\n\n* nodejs-lodash: command injection via template (CVE-2021-23337)\n\n* nodejs-hosted-git-info: Regular Expression denial of service via\nshortcutMatch in fromUrl() (CVE-2021-23362)\n\n* browserslist: parsing of invalid queries could result in Regular\nExpression Denial of Service (ReDoS) (CVE-2021-23364)\n\n* nodejs-postcss: Regular expression denial of service during source map\nparsing (CVE-2021-23368)\n\n* nodejs-handlebars: Remote code execution when compiling untrusted compile\ntemplates with strict:true option (CVE-2021-23369)\n\n* nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in\nlib/previous-map.js (CVE-2021-23382)\n\n* nodejs-handlebars: Remote code execution when compiling untrusted compile\ntemplates with compat:true option (CVE-2021-23383)\n\n* openssl: integer overflow in CipherUpdate (CVE-2021-23840)\n\n* openssl: NULL pointer dereference in X509_issuer_and_serial_hash()\n(CVE-2021-23841)\n\n* nodejs-ua-parser-js: ReDoS via malicious User-Agent header\n(CVE-2021-27292)\n\n* grafana: snapshot feature allow an unauthenticated remote attacker to\ntrigger a DoS via a remote API call (CVE-2021-27358)\n\n* nodejs-is-svg: ReDoS via malicious string (CVE-2021-28092)\n\n* nodejs-netmask: incorrectly parses an IP address that has octal integer\nwith invalid character (CVE-2021-29418)\n\n* ulikunitz/xz: Infinite loop in readUvarint allows for denial of service\n(CVE-2021-29482)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* nodejs-trim-newlines: ReDoS in .end() method (CVE-2021-33623)\n\n* nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe\n(CVE-2021-23343)\n\n* html-parse-stringify: Regular Expression DoS (CVE-2021-23346)\n\n* openssl: incorrect SSLv2 rollback protection (CVE-2021-23839)\n\nFor more details about the security issues, including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npages listed in the References section. \n\nBugs:\n\n* RFE Make the source code for the endpoint-metrics-operator public (BZ#\n1913444)\n\n* cluster became offline after apiserver health check (BZ# 1942589)\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n1913333 - CVE-2020-28851 golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension\n1913338 - CVE-2020-28852 golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag\n1913444 - RFE Make the source code for the endpoint-metrics-operator public\n1921286 - CVE-2021-21272 oras: zip-slip vulnerability via oras-pull\n1927520 - RHACM 2.3.0 images\n1928937 - CVE-2021-23337 nodejs-lodash: command injection via template\n1928954 - CVE-2020-28500 nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions\n1930294 - CVE-2021-23839 openssl: incorrect SSLv2 rollback protection\n1930310 - CVE-2021-23841 openssl: NULL pointer dereference in X509_issuer_and_serial_hash()\n1930324 - CVE-2021-23840 openssl: integer overflow in CipherUpdate\n1932634 - CVE-2021-21309 redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms\n1936427 - CVE-2021-3377 nodejs-ansi_up: XSS due to insufficient URL sanitization\n1939103 - CVE-2021-28092 nodejs-is-svg: ReDoS via malicious string\n1940196 - View Resource YAML option shows 404 error when reviewing a Subscription for an application\n1940613 - CVE-2021-27292 nodejs-ua-parser-js: ReDoS via malicious User-Agent header\n1941024 - CVE-2021-27358 grafana: snapshot feature allow an unauthenticated remote attacker to trigger a DoS via a remote API call\n1941675 - CVE-2021-23346 html-parse-stringify: Regular Expression DoS\n1942178 - CVE-2021-21321 fastify-reply-from: crafted URL allows prefix scape of the proxied backend service\n1942182 - CVE-2021-21322 fastify-http-proxy: crafted URL allows prefix scape of the proxied backend service\n1942589 - cluster became offline after apiserver health check\n1943208 - CVE-2021-23362 nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()\n1944822 - CVE-2021-29418 nodejs-netmask: incorrectly parses an IP address that has octal integer with invalid character\n1944827 - CVE-2021-28918 nodejs-netmask: improper input validation of octal input data\n1945459 - CVE-2020-28469 nodejs-glob-parent: Regular expression denial of service\n1948761 - CVE-2021-23369 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option\n1948763 - CVE-2021-23368 nodejs-postcss: Regular expression denial of service during source map parsing\n1954150 - CVE-2021-23382 nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js\n1954368 - CVE-2021-29482 ulikunitz/xz: Infinite loop in readUvarint allows for denial of service\n1955619 - CVE-2021-23364 browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS)\n1956688 - CVE-2021-23383 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option\n1956818 - CVE-2021-23343 nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe\n1957410 - CVE-2021-29477 redis: Integer overflow via STRALGO LCS command\n1957414 - CVE-2021-29478 redis: Integer overflow via COPY command for large intsets\n1964461 - CVE-2021-33502 normalize-url: ReDoS for data URLs\n1966615 - CVE-2021-33623 nodejs-trim-newlines: ReDoS in .end() method\n1968122 - clusterdeployment fails because hiveadmission sc does not have correct permissions\n1972703 - Subctl fails to join cluster, since it cannot auto-generate a valid cluster id\n1983131 - Defragmenting an etcd member doesn\u0027t reduce the DB size (7.5GB) on a setup with ~1000 spoke clusters\n\n5. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202305-22\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: ISC DHCP: Multiple Vulnerabilities\n Date: May 03, 2023\n Bugs: #875521, #792324\n ID: 202305-22\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in ISC DHCP, the worst of\nwhich could result in denial of service. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-misc/dhcp \u003c 4.4.3_p1 \u003e= 4.4.3_p1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in ISC DHCP. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll ISC DHCP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/dhcp-4.4.3_p1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2021-25217\n https://nvd.nist.gov/vuln/detail/CVE-2021-25217\n[ 2 ] CVE-2022-2928\n https://nvd.nist.gov/vuln/detail/CVE-2022-2928\n[ 3 ] CVE-2022-2929\n https://nvd.nist.gov/vuln/detail/CVE-2022-2929\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202305-22\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2023 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n", "sources": [ { "db": "NVD", "id": "CVE-2021-25217" }, { "db": "VULMON", "id": "CVE-2021-25217" }, { "db": "PACKETSTORM", "id": "163196" }, { "db": "PACKETSTORM", "id": "163151" }, { "db": "PACKETSTORM", "id": "163240" }, { "db": "PACKETSTORM", "id": "163400" }, { "db": "PACKETSTORM", "id": "162841" }, { "db": "PACKETSTORM", "id": "163129" }, { "db": "PACKETSTORM", "id": "163137" }, { "db": "PACKETSTORM", "id": "163140" }, { "db": "PACKETSTORM", "id": "163052" }, { "db": "PACKETSTORM", "id": "163747" }, { "db": "PACKETSTORM", "id": "172130" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-25217", "trust": 2.2 }, { "db": "SIEMENS", "id": "SSA-637483", "trust": 1.1 }, { "db": "SIEMENS", "id": "SSA-406691", "trust": 1.1 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/05/26/6", "trust": 1.1 }, { "db": "ICS CERT", "id": "ICSA-22-258-05", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2021-25217", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "163196", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "163151", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "163240", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "163400", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "162841", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "163129", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "163137", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "163140", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "163052", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "163747", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "172130", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-25217" }, { "db": "PACKETSTORM", "id": "163196" }, { "db": "PACKETSTORM", "id": "163151" }, { "db": "PACKETSTORM", "id": "163240" }, { "db": "PACKETSTORM", "id": "163400" }, { "db": "PACKETSTORM", "id": "162841" }, { "db": "PACKETSTORM", "id": "163129" }, { "db": "PACKETSTORM", "id": "163137" }, { "db": "PACKETSTORM", "id": "163140" }, { "db": "PACKETSTORM", "id": "163052" }, { "db": "PACKETSTORM", "id": "163747" }, { "db": "PACKETSTORM", "id": "172130" }, { "db": "NVD", "id": "CVE-2021-25217" } ] }, "id": "VAR-202105-1325", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.366531175 }, "last_update_date": "2024-07-23T20:55:14.082000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Debian CVElist Bug Report Logs: isc-dhcp: CVE-2021-25217: A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=b55bb445f71f0d88702845d3582e2b5c" }, { "title": "Amazon Linux AMI: ALAS-2021-1510", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2021-1510" }, { "title": "Amazon Linux 2: ALAS2-2021-1654", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2021-1654" }, { "title": "Red Hat: CVE-2021-25217", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2021-25217" }, { "title": "Arch Linux Issues: ", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2021-25217 log" }, { "title": "Palo Alto Networks Security Advisory: PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=palo_alto_networks_security_advisory\u0026qid=34f98e4f4344c97599fe2d33618956a7" }, { "title": "Completion for lacework", "trust": 0.1, "url": "https://github.com/fbreton/lacework " } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-25217" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2021-25217" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.2, "url": "https://security.gentoo.org/glsa/202305-22" }, { "trust": 1.1, "url": "https://kb.isc.org/docs/cve-2021-25217" }, { "trust": 1.1, "url": "http://www.openwall.com/lists/oss-security/2021/05/26/6" }, { "trust": 1.1, "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html" }, { "trust": 1.1, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf" }, { "trust": 1.1, "url": "https://security.netapp.com/advisory/ntap-20220325-0011/" }, { "trust": 1.1, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf" }, { "trust": 1.1, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/z2lb42jwiv4m4wdnxx5vgip26feywkif/" }, { "trust": 1.1, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5qi4dyc7j4bghew3nh4xhmwthyc36uk4/" }, { "trust": 1.0, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-25217" }, { "trust": 0.9, "url": "https://access.redhat.com/security/cve/cve-2021-25217" }, { "trust": 0.9, "url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.9, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.9, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.9, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.8, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.6, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2021-27219" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2021-3560" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/119.html" }, { "trust": 0.1, "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989157" }, { "trust": 0.1, "url": "https://alas.aws.amazon.com/alas-2021-1510.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-258-05" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:2469" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:2419" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-24489" }, { "trust": 0.1, "url": "https://access.redhat.com/articles/2974891" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-24489" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-27219" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:2519" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3560" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:2554" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:2555" }, { "trust": 0.1, "url": "https://docs.openshift.com/container-platform/4.7/updating/updating-cluster" }, { "trust": 0.1, "url": "https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-4969-1" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-4969-2" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:2405" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:2418" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:2415" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:2359" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-20454" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-28469" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-28500" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20934" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-8286" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-28196" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-20305" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-15358" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-29418" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-15358" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-28852" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-13050" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14502" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-33034" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-27618" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-28092" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3520" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15903" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2018-20843" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-13434" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3537" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-28851" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1730" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-8231" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-33909" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-29482" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3518" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-23337" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-32399" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-29362" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-27358" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-19906" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-23369" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13050" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3516" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-21321" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-23368" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-13434" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2017-14502" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-8285" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-11668" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-10228" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-9169" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-23362" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-23364" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-23343" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-25013" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3449" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-21309" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-33502" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-23841" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-28196" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-29361" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-23383" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-28918" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3517" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-28851" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-28852" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-23840" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-33033" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2018-1000858" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-14889" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-1730" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3541" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-13627" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-1000858" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-20934" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-28469" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:3016" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3377" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-20271" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9169" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3326" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20454" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3450" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-25013" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-29362" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-28500" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-2708" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-21272" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-29477" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-27292" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-23346" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-29478" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-8927" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-11668" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-23839" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-19906" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-29363" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-33623" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-20843" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-21322" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-2708" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-10228" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-23382" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-15903" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13627" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14889" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-8284" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-33910" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-29361" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-27618" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2929" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2928" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "https://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "https://security.gentoo.org/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-25217" }, { "db": "PACKETSTORM", "id": "163196" }, { "db": "PACKETSTORM", "id": "163151" }, { "db": "PACKETSTORM", "id": "163240" }, { "db": "PACKETSTORM", "id": "163400" }, { "db": "PACKETSTORM", "id": "162841" }, { "db": "PACKETSTORM", "id": "163129" }, { "db": "PACKETSTORM", "id": "163137" }, { "db": "PACKETSTORM", "id": "163140" }, { "db": "PACKETSTORM", "id": "163052" }, { "db": "PACKETSTORM", "id": "163747" }, { "db": "PACKETSTORM", "id": "172130" }, { "db": "NVD", "id": "CVE-2021-25217" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2021-25217" }, { "db": "PACKETSTORM", "id": "163196" }, { "db": "PACKETSTORM", "id": "163151" }, { "db": "PACKETSTORM", "id": "163240" }, { "db": "PACKETSTORM", "id": "163400" }, { "db": "PACKETSTORM", "id": "162841" }, { "db": "PACKETSTORM", "id": "163129" }, { "db": "PACKETSTORM", "id": "163137" }, { "db": "PACKETSTORM", "id": "163140" }, { "db": "PACKETSTORM", "id": "163052" }, { "db": "PACKETSTORM", "id": "163747" }, { "db": "PACKETSTORM", "id": "172130" }, { "db": "NVD", "id": "CVE-2021-25217" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-05-26T00:00:00", "db": "VULMON", "id": "CVE-2021-25217" }, { "date": "2021-06-17T18:09:00", "db": "PACKETSTORM", "id": "163196" }, { "date": "2021-06-15T15:01:13", "db": "PACKETSTORM", "id": "163151" }, { "date": "2021-06-22T19:32:24", "db": "PACKETSTORM", "id": "163240" }, { "date": "2021-07-06T15:19:09", "db": "PACKETSTORM", "id": "163400" }, { "date": "2021-05-27T13:30:42", "db": "PACKETSTORM", "id": "162841" }, { "date": "2021-06-14T15:49:07", "db": "PACKETSTORM", "id": "163129" }, { "date": "2021-06-15T14:41:42", "db": "PACKETSTORM", "id": "163137" }, { "date": "2021-06-15T14:44:42", "db": "PACKETSTORM", "id": "163140" }, { "date": "2021-06-09T13:43:47", "db": "PACKETSTORM", "id": "163052" }, { "date": "2021-08-06T14:02:37", "db": "PACKETSTORM", "id": "163747" }, { "date": "2023-05-03T15:37:18", "db": "PACKETSTORM", "id": "172130" }, { "date": "2021-05-26T22:15:07.947000", "db": "NVD", "id": "CVE-2021-25217" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-11-07T00:00:00", "db": "VULMON", "id": "CVE-2021-25217" }, { "date": "2023-11-07T03:31:24.893000", "db": "NVD", "id": "CVE-2021-25217" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "162841" } ], "trust": 0.1 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat Security Advisory 2021-2469-01", "sources": [ { "db": "PACKETSTORM", "id": "163196" } ], "trust": 0.1 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "overflow", "sources": [ { "db": "PACKETSTORM", "id": "163196" }, { "db": "PACKETSTORM", "id": "163151" }, { "db": "PACKETSTORM", "id": "163240" }, { "db": "PACKETSTORM", "id": "163400" }, { "db": "PACKETSTORM", "id": "163129" }, { "db": "PACKETSTORM", "id": "163137" }, { "db": "PACKETSTORM", "id": "163140" }, { "db": "PACKETSTORM", "id": "163052" } ], "trust": 0.8 } }
gsd-2021-25217
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2021-25217", "description": "In ISC DHCP 4.1-ESV-R1 -\u003e 4.1-ESV-R16, ISC DHCP 4.4.0 -\u003e 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted.", "id": "GSD-2021-25217", "references": [ "https://www.suse.com/security/cve/CVE-2021-25217.html", "https://access.redhat.com/errata/RHSA-2021:2555", "https://access.redhat.com/errata/RHSA-2021:2519", "https://access.redhat.com/errata/RHSA-2021:2469", "https://access.redhat.com/errata/RHSA-2021:2420", "https://access.redhat.com/errata/RHSA-2021:2419", "https://access.redhat.com/errata/RHSA-2021:2418", "https://access.redhat.com/errata/RHSA-2021:2416", "https://access.redhat.com/errata/RHSA-2021:2415", "https://access.redhat.com/errata/RHSA-2021:2414", "https://access.redhat.com/errata/RHSA-2021:2405", "https://access.redhat.com/errata/RHSA-2021:2359", "https://access.redhat.com/errata/RHSA-2021:2357", "https://ubuntu.com/security/CVE-2021-25217", "https://advisories.mageia.org/CVE-2021-25217.html", "https://security.archlinux.org/CVE-2021-25217", "https://alas.aws.amazon.com/cve/html/CVE-2021-25217.html", "https://linux.oracle.com/cve/CVE-2021-25217.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2021-25217" ], "details": "In ISC DHCP 4.1-ESV-R1 -\u003e 4.1-ESV-R16, ISC DHCP 4.4.0 -\u003e 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted.", "id": "GSD-2021-25217", "modified": "2023-12-13T01:23:21.022566Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "security-officer@isc.org", "DATE_PUBLIC": "2021-05-26T21:20:18.000Z", "ID": "CVE-2021-25217", "STATE": "PUBLIC", "TITLE": "A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ISC DHCP", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "4.1 ESV", "version_value": "4.1-ESV-R16-P1" }, { "version_affected": "\u003c", "version_name": "4.4", "version_value": "4.4.2-P1" } ] } } ] }, "vendor_name": "ISC" } ] } }, "credit": [ { "lang": "eng", "value": "ISC would like to thank Jon Franklin from Dell and Pawel Wieczorkiewicz from Amazon Web Services for (independently) reporting this vulnerability." } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In ISC DHCP 4.1-ESV-R1 -\u003e 4.1-ESV-R16, ISC DHCP 4.4.0 -\u003e 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted." } ] }, "exploit": [ { "lang": "eng", "value": "We are not aware of any active exploits." } ], "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Program code used by the ISC DHCP package to read and parse stored leases has a defect that can be exploited by an attacker to cause one of several undesirable outcomes, depending on the component attacked and the way in which it was compiled. Because of a discrepancy between the code which handles encapsulated option information in leases transmitted \"on the wire\" and the code which reads and parses lease information after it has been written to disk storage, it is potentially possible for an attacker to deliberately cause a situation where: dhcpd, while running in DHCPv4 or DHCPv6 mode, or dhclient, the ISC DHCP client implementation will attempt to read a stored lease that contains option information which will trigger a bug in the option parsing code. Affects ISC DHCP 4.1-ESV-R1 -\u003e 4.1-ESV-R16, ISC DHCP 4.4.0 -\u003e 4.4.2. Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability. Affects both dhcpd (server) and dhcpcd (client)." } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.isc.org/docs/cve-2021-25217", "refsource": "CONFIRM", "url": "https://kb.isc.org/docs/cve-2021-25217" }, { "name": "[oss-security] 20210526 ISC has disclosed a vulnerability in ISC DHCP (CVE-2021-25217)", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/05/26/6" }, { "name": "FEDORA-2021-08cdb4dc34", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2LB42JWIV4M4WDNXX5VGIP26FEYWKIF/" }, { "name": "[debian-lts-announce] 20210603 [SECURITY] [DLA 2674-1] isc-dhcp security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html" }, { "name": "FEDORA-2021-8ca8263bde", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5QI4DYC7J4BGHEW3NH4XHMWTHYC36UK4/" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf" }, { "name": "https://security.netapp.com/advisory/ntap-20220325-0011/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220325-0011/" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf" }, { "name": "GLSA-202305-22", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202305-22" } ] }, "solution": [ { "lang": "eng", "value": "Upgrade to the patched release most closely related to your current version of ISC DHCP:\n\n ISC DHCP 4.1-ESV-R16-P1\n ISC DHCP 4.4.2-P1\n" } ], "source": { "discovery": "USER" }, "work_around": [ { "lang": "eng", "value": "None known." } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r12:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r11_b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r10_b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r12_b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r10_rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r12_p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r13:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r13_b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r14:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r14_b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r15:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r10b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r10rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r11b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r11rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r11rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r12-p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r12b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r13b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r14b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r16:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.4.2", "versionStartIncluding": "4.4.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r15-p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:dhcp:4.1-esv:r15_b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:solidfire_\\\u0026_hci_management_node:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "security-officer@isc.org", "ID": "CVE-2021-25217" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "In ISC DHCP 4.1-ESV-R1 -\u003e 4.1-ESV-R16, ISC DHCP 4.4.0 -\u003e 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-119" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.isc.org/docs/cve-2021-25217", "refsource": "CONFIRM", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://kb.isc.org/docs/cve-2021-25217" }, { "name": "[oss-security] 20210526 ISC has disclosed a vulnerability in ISC DHCP (CVE-2021-25217)", "refsource": "MLIST", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2021/05/26/6" }, { "name": "FEDORA-2021-08cdb4dc34", "refsource": "FEDORA", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2LB42JWIV4M4WDNXX5VGIP26FEYWKIF/" }, { "name": "[debian-lts-announce] 20210603 [SECURITY] [DLA 2674-1] isc-dhcp security update", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html" }, { "name": "FEDORA-2021-8ca8263bde", "refsource": "FEDORA", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5QI4DYC7J4BGHEW3NH4XHMWTHYC36UK4/" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf", "refsource": "CONFIRM", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf" }, { "name": "https://security.netapp.com/advisory/ntap-20220325-0011/", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20220325-0011/" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", "refsource": "CONFIRM", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf" }, { "name": "GLSA-202305-22", "refsource": "GENTOO", "tags": [], "url": "https://security.gentoo.org/glsa/202305-22" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 6.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 4.0 } }, "lastModifiedDate": "2023-05-03T12:15Z", "publishedDate": "2021-05-26T22:15Z" } } }
ghsa-pf98-cx5w-r49r
Vulnerability from github
In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted.
{ "affected": [], "aliases": [ "CVE-2021-25217" ], "database_specific": { "cwe_ids": [ "CWE-119" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2021-05-26T22:15:00Z", "severity": "HIGH" }, "details": "In ISC DHCP 4.1-ESV-R1 -\u003e 4.1-ESV-R16, ISC DHCP 4.4.0 -\u003e 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted.", "id": "GHSA-pf98-cx5w-r49r", "modified": "2022-05-24T19:03:33Z", "published": "2022-05-24T19:03:33Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25217" }, { "type": "WEB", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf" }, { "type": "WEB", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf" }, { "type": "WEB", "url": "https://kb.isc.org/docs/cve-2021-25217" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5QI4DYC7J4BGHEW3NH4XHMWTHYC36UK4" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2LB42JWIV4M4WDNXX5VGIP26FEYWKIF" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/202305-22" }, { "type": "WEB", "url": "https://security.netapp.com/advisory/ntap-20220325-0011" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2021/05/26/6" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "type": "CVSS_V3" } ] }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.