CVE-2019-6474

Source
https://cve.org/CVERecord?id=CVE-2019-6474
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-6474.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-6474
Published
2019-10-16T18:15:37.217Z
Modified
2026-04-10T04:19:46.258322Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
[none]
Details

A missing check on incoming client requests can be exploited to cause a situation where the Kea server's lease storage contains leases which are rejected as invalid when the server tries to load leases from storage on restart. If the number of such leases exceeds a hard-coded limit in the Kea code, a server trying to restart will conclude that there is a problem with its lease store and give up. Versions affected: 1.4.0 to 1.5.0, 1.6.0-beta1, and 1.6.0-beta2.

Affected packages

Git / gitlab.isc.org/isc-projects/kea

Affected ranges

Type
GIT
Repo
https://gitlab.isc.org/isc-projects/kea
Events
Introduced
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "versions": [
        {
            "introduced": "1.4.0"
        },
        {
            "last_affected": "1.5.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.6.0-beta2"
        }
    ]
}

Affected versions

Kea-1.*
Kea-1.5.0
Kea-1.5.0-beta1
Kea-1.5.0-beta2
Kea-1.6.0-beta2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-6474.json"
unresolved_ranges
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.6.0-beta1"
            }
        ]
    }
]