CVE-2021-25217

Source
https://cve.org/CVERecord?id=CVE-2021-25217
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-25217.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-25217
Published
2021-05-26T22:15:07.947Z
Modified
2026-04-16T04:39:18.307266269Z
Severity
  • 7.4 (High) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
[none]
Details

In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16 and ISC DHCP 4.4.0 -> 4.4.2, the outcome of encountering the defect while reading a lease that will trigger it varies according to:

  • the component being affected (i.e., dhclient or dhcpd)
  • whether the package was built as a 32-bit or 64-bit binary
  • whether the compiler flag -fstack-protection-strong was used when compiling

Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability.

In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process.

In dhcpd, when run in DHCPv4 or DHCPv6 mode:

  • If the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted.
  • If the dhcpd server binary was built for a 64-bit architecture OR the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted.

Affected packages

Git / gitlab.isc.org/isc-projects/dhcp

Affected ranges

Type
GIT
Repo
https://gitlab.isc.org/isc-projects/dhcp
Events
Introduced
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "versions": [
        {
            "introduced": "4.4.0"
        },
        {
            "last_affected": "4.4.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r10"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r10_b1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r10_rc1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r10b1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r10rc1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r11"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r11_b1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r11_rc1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r11_rc2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r11b1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r11rc1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r11rc2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r12"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r12\\-p1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r12_b1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r12_p1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r12b1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r13"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r13_b1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r13b1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r14"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r14_b1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r14b1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r15"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r15\\-p1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r15_b1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1-esv-r16"
        },
        {
            "introduced": "0"
        },
        {
            "fixed": "1.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0-NA"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0-sp1"
        }
    ]
}

Affected versions

Other
BCTEL_SPECIAL_19991124
BETA_5_15
BETA_5_16
BETA_5_17
DHCP-970305
DHCP-970305A
DHCP-970328
DHCP-970329
DHCP-970602
DHCP-970607
DHCP-970609
DHCP-971122
DHCP-971202
DHCP_970226A
DHCPv6_parsing_base
HEAD-MERGE-V3-0-3RC1
HEAD-MERGE-V3-0-3RC1_base
NetBSD_1_3_Alpha
V1-0-0
V1-0-1
V3-ALPHA-19990315
V3-ALPHA-19990326
V3-ALPHA-19990329
V3-ALPHA-19990329A
V3-ALPHA-19990330
V3-ALPHA-19990408
V3-ALPHA-19990412
V3-ALPHA-19990423
V3-ALPHA-19990424
V3-ALPHA-19990506
V3-ALPHA-19990507
V3-ALPHA-19990527
V3-ALPHA-19990608
V3-BETA-1-PATCH-0
V3-BETA-2-PATCH-1
V3-BETA-2-PATCH-10
V3-BETA-2-PATCH-11
V3-BETA-2-PATCH-12
V3-BETA-2-PATCH-13
V3-BETA-2-PATCH-14
V3-BETA-2-PATCH-15
V3-BETA-2-PATCH-16
V3-BETA-2-PATCH-18
V3-BETA-2-PATCH-19
V3-BETA-2-PATCH-2
V3-BETA-2-PATCH-20
V3-BETA-2-PATCH-21
V3-BETA-2-PATCH-22
V3-BETA-2-PATCH-23
V3-BETA-2-PATCH-24
V3-BETA-2-PATCH-4
V3-BETA-2-PATCH-7
V3-BETA-2-PATCH-8
V3-BETA-2-PATCH-9
V3-RC1
V3-RC2-PATCH-1
V3-RC3
V3_RC4
carrel-2
v4_0_0a1
v4_0_0a2
v4_0_0a3
v4_0_0b1
v4_0_0b2
v4_0_0b3
v4_0_0rc1
v4_1_0
v4_1_0a1
v4_1_0a2
v4_1_0b1
v4_1_0rc1
v4_1_1
v4_1_1b1
v4_1_1b2
v4_1_1b3
v4_1_1rc1
v4_1_2
v4_1_2b1
v4_1_2rc1
v4_1_esv_R4_Oracle
v4_1_esv_r0
v4_1_esv_r1
v4_1_esv_r10
v4_1_esv_r10b1
v4_1_esv_r10rc1
v4_1_esv_r11
v4_1_esv_r11b1
v4_1_esv_r11rc1
v4_1_esv_r11rc2
v4_1_esv_r12
v4_1_esv_r12b1
v4_1_esv_r13
v4_1_esv_r13b1
v4_1_esv_r14
v4_1_esv_r14b1
v4_1_esv_r15
v4_1_esv_r15b1
v4_1_esv_r16
v4_1_esv_r16b1
v4_1_esv_r16b1_f1
v4_1_esv_r2
v4_1_esv_r3
v4_1_esv_r4
v4_1_esv_r5
v4_1_esv_r5b1
v4_1_esv_r5rc1
v4_1_esv_r5rc2
v4_1_esv_r6
v4_1_esv_r7
v4_1_esv_r8
v4_1_esv_r8b1
v4_1_esv_r8rc1
v4_1_esv_r9
v4_1_esv_r9b1
v4_1_esv_r9rc1
v4_4_0
v4_4_0_f1
v4_4_1
v4_4_1_f1
v4_4_2
v4_4_2b1
v4_4_2b1_f1
v4_4_2b1_f2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-25217.json"
unresolved_ranges
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "33"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "34"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "2.15.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "2.3.0"
            },
            {
                "fixed": "2.15.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "2.3.0"
            },
            {
                "fixed": "2.15.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "2.3.0"
            },
            {
                "fixed": "2.15.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "2.3.0"
            },
            {
                "fixed": "2.15.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "2.3.0"
            },
            {
                "fixed": "2.15.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "2.15.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "2.15.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "2.3.0"
            },
            {
                "fixed": "2.15.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "2.3.0"
            },
            {
                "fixed": "2.15.0"
            }
        ]
    }
]