CVE-2022-2928
- Source
- https://cve.org/CVERecord?id=CVE-2022-2928
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-2928.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-2928
- Downstream
- Related
- Published
- 2022-10-07T05:15:08.677Z
- Modified
- 2026-04-11T12:42:55.347265Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function optioncodehashlookup() is called from addoption(), it increases the option's refcount field. However, there is not a corresponding call to optiondereference() to decrement the refcount field. The function addoption() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.
- Database specific
{ "unresolved_ranges": [ { "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "10.0" } ], "cpe": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "35" } ], "cpe": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "36" } ], "cpe": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*" }, { "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "37" } ], "cpe": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*" } ] }- References
-
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SARIK7KZ7MGQIWDRWZFAOSQSPXY4GOU/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQXYCIWUDILRCNBAIMVFCSGXBRKEPB4K/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T6IBFH4MRRNJQVWEKILQ6I6CXWW766FX/
- https://kb.isc.org/docs/cve-2022-2928
- https://lists.debian.org/debian-lts-announce/2022/10/msg00015.html
- https://security.gentoo.org/glsa/202305-22
Affected packages
Git / gitlab.isc.org/isc-projects/dhcp
Affected ranges
- Type
- GIT
- Repo
- https://gitlab.isc.org/isc-projects/dhcp
- Events
-
IntroducedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
- Database specific
{ "source": "CPE_FIELD", "extracted_events": [ { "introduced": "4.4.0" }, { "last_affected": "4.4.3" }, { "introduced": "0" }, { "last_affected": "4.1-esv-r1" }, { "last_affected": "4.1-esv-r10" }, { "last_affected": "4.1-esv-r10_b1" }, { "last_affected": "4.1-esv-r10_rc1" }, { "last_affected": "4.1-esv-r10b1" }, { "last_affected": "4.1-esv-r10rc1" }, { "last_affected": "4.1-esv-r11" }, { "last_affected": "4.1-esv-r11_b1" }, { "last_affected": "4.1-esv-r11_rc1" }, { "last_affected": "4.1-esv-r11_rc2" }, { "last_affected": "4.1-esv-r11b1" }, { "last_affected": "4.1-esv-r11rc1" }, { "last_affected": "4.1-esv-r11rc2" }, { "last_affected": "4.1-esv-r12" }, { "last_affected": "4.1-esv-r12\\-p1" }, { "last_affected": "4.1-esv-r12_b1" }, { "last_affected": "4.1-esv-r12_p1" }, { "last_affected": "4.1-esv-r12b1" }, { "last_affected": "4.1-esv-r13" }, { "last_affected": "4.1-esv-r13_b1" }, { "last_affected": "4.1-esv-r13b1" }, { "last_affected": "4.1-esv-r14" }, { "last_affected": "4.1-esv-r14_b1" }, { "last_affected": "4.1-esv-r14b1" }, { "last_affected": "4.1-esv-r15" }, { "last_affected": "4.1-esv-r15\\-p1" }, { "last_affected": "4.1-esv-r15_b1" }, { "last_affected": "4.1-esv-r16" }, { "last_affected": "4.1-esv-r16\\-p1" } ], "cpe": [ "cpe:2.3:a:isc:dhcp:*:*:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r10:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r10_b1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r10_rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r10b1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r10rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r11:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r11_b1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r11b1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r11rc1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r11rc2:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r12:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r12-p1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r12_b1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r12_p1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r12b1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r13:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r13_b1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r13b1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r14:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r14_b1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r14b1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r15:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r15-p1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r15_b1:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r16:*:*:*:*:*:*", "cpe:2.3:a:isc:dhcp:4.1-esv:r16-p1:*:*:*:*:*:*" ] }
Affected versions
Other
BCTEL_SPECIAL_19991124
DHCP-970305
DHCP-970305A
DHCP-970328
DHCP-970329
DHCP-970602
DHCP-970607
DHCP-970609
DHCP-971122
DHCP-971202
DHCP_970226A
DHCPv6_parsing_base
HEAD-MERGE-V3-0-3RC1
HEAD-MERGE-V3-0-3RC1_base
NetBSD_1_3_Alpha
V3-ALPHA-19990315
V3-ALPHA-19990326
V3-ALPHA-19990329
V3-ALPHA-19990329A
V3-ALPHA-19990330
V3-ALPHA-19990408
V3-ALPHA-19990412
V3-ALPHA-19990423
V3-ALPHA-19990424
V3-ALPHA-19990506
V3-ALPHA-19990507
V3-ALPHA-19990527
V3-ALPHA-19990608
V3-BETA-1-PATCH-0
V3-BETA-2-PATCH-1
V3-BETA-2-PATCH-10
V3-BETA-2-PATCH-11
V3-BETA-2-PATCH-12
V3-BETA-2-PATCH-13
V3-BETA-2-PATCH-14
V3-BETA-2-PATCH-15
V3-BETA-2-PATCH-16
V3-BETA-2-PATCH-18
V3-BETA-2-PATCH-19
V3-BETA-2-PATCH-2
V3-BETA-2-PATCH-20
V3-BETA-2-PATCH-21
V3-BETA-2-PATCH-22
V3-BETA-2-PATCH-23
V3-BETA-2-PATCH-24
V3-BETA-2-PATCH-4
V3-BETA-2-PATCH-7
V3-BETA-2-PATCH-8
V3-BETA-2-PATCH-9
V3-RC1
V3-RC2-PATCH-1
V3-RC3
V3_RC4
carrel-2
list
v4_0_0a1
v4_0_0a2
v4_0_0a3
v4_0_0b1
v4_0_0b2
v4_0_0b3
v4_0_0rc1
v4_1_0
v4_1_0a1
v4_1_0a2
v4_1_0b1
v4_1_0rc1
v4_1_1
v4_1_1b1
v4_1_1b2
v4_1_1b3
v4_1_1rc1
v4_1_2
v4_1_2b1
v4_1_2rc1
v4_1_esv_R4_Oracle
v4_1_esv_r0
v4_1_esv_r1
v4_1_esv_r10
v4_1_esv_r10b1
v4_1_esv_r10rc1
v4_1_esv_r11
v4_1_esv_r11b1
v4_1_esv_r11rc1
v4_1_esv_r11rc2
v4_1_esv_r12
v4_1_esv_r12b1
v4_1_esv_r13
v4_1_esv_r13b1
v4_1_esv_r14
v4_1_esv_r14b1
v4_1_esv_r15
v4_1_esv_r15b1
v4_1_esv_r16
v4_1_esv_r16b1
v4_1_esv_r16b1_f1
v4_1_esv_r2
v4_1_esv_r3
v4_1_esv_r4
v4_1_esv_r5
v4_1_esv_r5b1
v4_1_esv_r5rc1
v4_1_esv_r5rc2
v4_1_esv_r6
v4_1_esv_r7
v4_1_esv_r8
v4_1_esv_r8b1
v4_1_esv_r8rc1
v4_1_esv_r9
v4_1_esv_r9b1
v4_1_esv_r9rc1
v4_4_0
v4_4_0_f1
v4_4_1
v4_4_1_f1
v4_4_2
v4_4_2_f1
v4_4_2b1
v4_4_2b1_f1
v4_4_2b1_f2
v4_4_3