CVE-2022-2929

{"id": "CVE-2022-2929", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "security-officer@isc.org", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2022-10-07T05:15:11.320", "references": [{"url": "https://kb.isc.org/docs/cve-2022-2929", "tags": ["Vendor Advisory"], "source": "security-officer@isc.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00015.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "security-officer@isc.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SARIK7KZ7MGQIWDRWZFAOSQSPXY4GOU/", "source": "security-officer@isc.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQXYCIWUDILRCNBAIMVFCSGXBRKEPB4K/", "source": "security-officer@isc.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T6IBFH4MRRNJQVWEKILQ6I6CXWW766FX/", "source": "security-officer@isc.org"}, {"url": "https://security.gentoo.org/glsa/202305-22", "source": "security-officer@isc.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory."}, {"lang": "es", "value": "En ISC DHCP versiones 1.0 anteriores a 4.4.3, ISC DHCP versiones 4.1-ESV-R1 anteriores a 4.1-ESV-R16-P1, un sistema con acceso a un servidor DHCP, enviando paquetes DHCP dise\u00f1ados para incluir etiquetas fqdn de m\u00e1s de 63 bytes, podr\u00eda llegar a causar a el servidor quedarse sin memoria"}], "lastModified": "2023-11-07T03:47:05.587", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:isc:dhcp:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29B372FC-4ADF-480F-82EA-677BA9CE80F9", "versionEndExcluding": "4.1-esv", "versionStartIncluding": "1.0.0"}, {"criteria": "cpe:2.3:a:isc:dhcp:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3828370A-E2C3-40C6-A4D4-A0E4FE932AD0", "versionEndIncluding": "4.4.3", "versionStartIncluding": "4.2.0"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBAABA4E-0D34-4644-AC26-E272CEE6C361"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "179443DC-4B6A-408A-8BE5-B3E72188F43E"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r10_b1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9BE7736-58CD-468B-84AB-B38C9B254BA6"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r10_rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7EB6F7F0-B2A0-47E3-AD7A-4E7618A36F90"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r10b1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA5FAE54-1645-4A38-A431-10E67304399A"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r10rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C0D1A71-CECB-4C86-87F6-EB3741BDF692"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r11:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADF80D19-3B0A-4A74-944E-F33CCC30EADA"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r11_b1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40B21FCB-43A8-4266-934D-ECFF8138F637"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69D49F23-9074-49E7-985F-4D93393324CD"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F729D1D-7234-4BC2-839B-AE1BB9D16C25"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r11b1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E01D88D-876D-45FE-B7ED-089DAD801EF6"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r11rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4B030B1-F008-4562-93C7-7E1C6D3D00F4"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r11rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF656F5E-B317-4E0C-BF01-EC2A917142DC"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r12:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBA64EEC-C0C7-4F11-8131-2868691E54DB"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r12-p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FFD3109A-1D76-4EA7-BF39-0B203AD945CF"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r12_b1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "157520D7-AE39-4E23-A8CF-DD75EA78C055"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r12_p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B07118EC-9508-42B8-8D09-5CE310DA2B43"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r12b1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2156D1BC-90AE-4AF3-964C-DAC7DCE14A5D"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r13:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A157E664-6ACE-44CE-AC07-64898B182EA1"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r13_b1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0056BF7A-4A70-4F1D-89C2-25CCDB65217B"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r13b1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA8ADA07-94FA-4014-AF70-8FCAF5F0DB03"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r14:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D21F05D-246F-41F5-81FD-286C26168E2E"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r14_b1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12103C87-C942-481A-A68C-7BC83F964C06"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r14b1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2E0124D-6330-4013-8145-4309FDAE60A8"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r15:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "924E91FF-495F-4963-827F-57F7340C6560"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r15-p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BC02748-557A-4131-A372-D99B62B4B93B"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r15_b1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76A11284-3D81-45F0-8055-17282945C14F"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r16:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98431CF5-D4C2-4FCF-BA81-0BBB631546D2"}, {"criteria": "cpe:2.3:a:isc:dhcp:4.1-esv:r16-p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FEA9F857-B59F-4D2D-8F7B-0D1BF08E9712"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"}], "operator": "OR"}]}], "sourceIdentifier": "security-officer@isc.org"}