CVE-2019-6470
Last modified
CVE-2019-6470 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. EPSS estimates a 8.81% chance of exploitation in the next 30 days.
Description
There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Isc | Dhcpd | < 4.4.1 |
| Redhat | Enterprise Linux | 8.0 |
| Redhat | Enterprise Linux Desktop | 7.0 |
| Redhat | Enterprise Linux Eus | 8.1 |
| Redhat | Enterprise Linux Eus | 8.2 |
| Redhat | Enterprise Linux Eus | 8.4 |
| Redhat | Enterprise Linux Eus | 8.6 |
| Redhat | Enterprise Linux Eus | 8.8 |
| Redhat | Enterprise Linux For Arm 64 | 8.0 |
| Redhat | Enterprise Linux For Arm 64 Eus | 8.1_aarch64 |
| Redhat | Enterprise Linux For Arm 64 Eus | 8.2_aarch64 |
| Redhat | Enterprise Linux For Arm 64 Eus | 8.4_aarch64 |
| Redhat | Enterprise Linux For Arm 64 Eus | 8.6_aarch64 |
| Redhat | Enterprise Linux For Arm 64 Eus | 8.8_aarch64 |
| Redhat | Enterprise Linux For Ibm Z Systems | 7.0 |
| Redhat | Enterprise Linux For Ibm Z Systems | 8.0 |
| Redhat | Enterprise Linux For Ibm Z Systems Eus | 8.1_s390x |
| Redhat | Enterprise Linux For Ibm Z Systems Eus | 8.2_s390x |
| Redhat | Enterprise Linux For Ibm Z Systems Eus | 8.4_s390x |
| Redhat | Enterprise Linux For Ibm Z Systems Eus | 8.6_s390x |
| Redhat | Enterprise Linux For Ibm Z Systems Eus | 8.8_s390x |
| Redhat | Enterprise Linux For Power Big Endian | 7.0 |
| Redhat | Enterprise Linux For Power Little Endian | 7.0 |
| Redhat | Enterprise Linux For Power Little Endian | 8.0 |
| Redhat | Enterprise Linux For Power Little Endian Eus | 8.1_ppc64le |
| Redhat | Enterprise Linux For Power Little Endian Eus | 8.2_ppc64le |
| Redhat | Enterprise Linux For Power Little Endian Eus | 8.4_ppc64le |
| Redhat | Enterprise Linux For Power Little Endian Eus | 8.6_ppc64le |
| Redhat | Enterprise Linux For Power Little Endian Eus | 8.8_ppc64le |
| Redhat | Enterprise Linux For Scientific Computing | 7.0 |
| Redhat | Enterprise Linux Server | 7.0 |
| Redhat | Enterprise Linux Server Aus | 8.2 |
| Redhat | Enterprise Linux Server Aus | 8.4 |
| Redhat | Enterprise Linux Server Aus | 8.6 |
| Redhat | Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions | 8.1 |
| Redhat | Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions | 8.2 |
| Redhat | Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions | 8.4 |
| Redhat | Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions | 8.6 |
| Redhat | Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions | 8.8 |
| Redhat | Enterprise Linux Server Tus | 8.2 |
| Redhat | Enterprise Linux Server Tus | 8.4 |
| Redhat | Enterprise Linux Server Tus | 8.6 |
| Redhat | Enterprise Linux Server Tus | 8.8 |
| Redhat | Enterprise Linux Update Services For Sap Solutions | 8.1 |
| Redhat | Enterprise Linux Update Services For Sap Solutions | 8.2 |
| Redhat | Enterprise Linux Update Services For Sap Solutions | 8.4 |
| Redhat | Enterprise Linux Update Services For Sap Solutions | 8.6 |
| Redhat | Enterprise Linux Update Services For Sap Solutions | 8.8 |
| Redhat | Enterprise Linux Workstation | 7.0 |
| Opensuse | Leap | 15.0 |
Showing 50 of 51 affected configurations. See NVD for the full list.
References
- https://access.redhat.com/errata/RHSA-2019:2060Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:3525Third Party Advisory
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896122Exploit, Mailing List, Third Party Advisory
- https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00048.htmlMailing List, Third Party Advisory
- https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00049.htmlMailing List, Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2060Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:3525Third Party Advisory
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896122Exploit, Mailing List, Third Party Advisory
- https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00048.htmlMailing List, Third Party Advisory
- https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00049.htmlMailing List, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2019-6470?
How severe is CVE-2019-6470?
How do I fix CVE-2019-6470?
Are you affected by CVE-2019-6470?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST