CVE-2017-3144
Summary
| CVE | CVE-2017-3144 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-01-16 20:29:00 UTC |
| Updated | 2020-01-09 21:07:00 UTC |
| Description | A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested. |
Risk And Classification
Problem Types: CWE-400
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 17.10 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 17.10 | All | All | All |
| Operating System | Debian | Debian Linux | 8.0 | All | All | All |
| Operating System | Debian | Debian Linux | 9.0 | All | All | All |
| Operating System | Debian | Debian Linux | 8.0 | All | All | All |
| Operating System | Debian | Debian Linux | 9.0 | All | All | All |
| Application | Isc | Dhcp | 4.1-esv | - | All | All |
| Application | Isc | Dhcp | 4.1-esv | r1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r10 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r10_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r10_rc1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r11 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r11_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r11_rc1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r11_rc2 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r12 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r12_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r12_p1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r13 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r13_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r14 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r14_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r15 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r2 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r3 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r3_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r4 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r5 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r5_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r5_rc1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r5_rc2 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r6 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r7 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r8 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r8_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r8_rc1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r9 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r9_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r9_rc1 | All | All |
| Application | Isc | Dhcp | 4.1.0 | All | All | All |
| Application | Isc | Dhcp | 4.1-esv | - | All | All |
| Application | Isc | Dhcp | 4.1-esv | r1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r10 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r10_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r10_rc1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r11 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r11_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r11_rc1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r11_rc2 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r12 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r12_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r12_p1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r13 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r13_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r14 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r14_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r15 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r2 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r3 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r3_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r4 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r5 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r5_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r5_rc1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r5_rc2 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r6 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r7 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r8 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r8_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r8_rc1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r9 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r9_b1 | All | All |
| Application | Isc | Dhcp | 4.1-esv | r9_rc1 | All | All |
| Application | Isc | Dhcp | 4.1.0 | All | All | All |
| Application | Isc | Dhcp | All | All | All | All |
| Application | Isc | Dhcp | All | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 7.4 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 7.4 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Eus | 7.4 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Eus | 7.5 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Eus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Eus | 7.4 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Eus | 7.5 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Eus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 7.4 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 7.4 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 7.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Red Hat Customer Portal | REDHAT | access.redhat.com | Third Party Advisory |
| Security Advisories-CVE-2017-3144: Failure to properly clean up closed OMAPI connections can exhaust available sockets | CONFIRM | kb.isc.org | Vendor Advisory |
| ISC DHCP CVE-2017-3144 Remote Denial of Service Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| ISC DHCP OMAPI Connection Management Flaw Lets Remote Users Consume Excessive Socket Descriptors on the Target System - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| USN-3586-1: DHCP vulnerabilities | Ubuntu security notices | Ubuntu | UBUNTU | usn.ubuntu.com | Third Party Advisory |
| Debian -- Security Information -- DSA-4133-1 isc-dhcp | DEBIAN | www.debian.org | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 710315 Gentoo Linux ISC DHCP Multiple Vulnerabilities (GLSA 201804-05)