An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets with a different client-id.
Weakness
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Wicked | Opensuse | * | 0.6.55 (including) |
Potential Mitigations
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
References
- http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00011.html
- https://bugzilla.suse.com/show_bug.cgi?id=1160906
- https://github.com/openSUSE/wicked/releases
- https://www.suse.com/security/cve/CVE-2020-7217/
- http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00011.html
- https://bugzilla.suse.com/show_bug.cgi?id=1160906
- https://github.com/openSUSE/wicked/releases
- https://www.suse.com/security/cve/CVE-2020-7217/