CVE-2012-3954

CWE-399 CWE-401 — Memory Leak9 documents8 sources

Severity

3.3LOW

EPSS

5.9%

top 9.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Canonical Ubuntu Linux Debian Debian Linux ISC Dhcp

Timeline

PublishedJul 25

Latest updateMay 13

Description

Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.

CVSS vector

AV:A/AC:L/C:N/I:N/A:PExploitability: 6.5 | Impact: 2.9

Affected Packages2 packages

▶Debianisc-dhcp< 4.2.4-2+2

▶NVDisc/dhcp9 versions+8

Also affects: Debian Linux 6.0, 7.0, Ubuntu Linux 11.04, 11.10, 12.04

🔴Vulnerability Details

GHSA

GHSA-v4rv-fwvg-94r2: Multiple memory leaks in ISC DHCP 4↗2022-05-13

▶

CVEList

CVE-2012-3954: Multiple memory leaks in ISC DHCP 4↗2012-07-25

▶

OSV

CVE-2012-3954: Multiple memory leaks in ISC DHCP 4↗2012-07-25

▶

📋Vendor Advisories

Ubuntu

DHCP vulnerabilities↗2012-07-26

▶

Red Hat

dhcp: two memory leaks may result in DoS↗2012-07-24

▶

Debian

CVE-2012-3954: isc-dhcp - Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV be...↗2012

▶

💬Community

Bugzilla

CVE-2012-3570 CVE-2012-3571 CVE-2012-3954 dhcp various flaws [fedora-all]↗2012-07-24

▶

Bugzilla

CVE-2012-3954 dhcp: two memory leaks may result in DoS↗2012-07-23

▶