CVE-2022-2928

Source
https://cve.org/CVERecord?id=CVE-2022-2928
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-2928.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-2928
Downstream
Related
Published
2022-10-07T05:15:08.677Z
Modified
2026-07-07T08:51:06.705200857Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function optioncodehashlookup() is called from addoption(), it increases the option's refcount field. However, there is not a corresponding call to optiondereference() to decrement the refcount field. The function addoption() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.

Database specific
{
    "unresolved_ranges": [
        {
            "vendor_product": "debian:debian_linux",
            "cpes": [
                "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"
            ],
            "source": "CPE_STRING",
            "extracted_events": [
                {
                    "introduced": "10.0"
                },
                {
                    "last_affected": "10.0"
                }
            ]
        },
        {
            "vendor_product": "fedoraproject:fedora",
            "cpes": [
                "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
                "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*"
            ],
            "source": "CPE_STRING",
            "extracted_events": [
                {
                    "introduced": "35"
                },
                {
                    "last_affected": "35"
                },
                {
                    "introduced": "36"
                },
                {
                    "last_affected": "36"
                },
                {
                    "introduced": "37"
                },
                {
                    "last_affected": "37"
                }
            ]
        }
    ]
}
References

Affected packages

Git / gitlab.isc.org/isc-projects/dhcp

Affected ranges

Type
GIT
Repo
https://gitlab.isc.org/isc-projects/dhcp
Events
Database specific
{
    "cpe": [
        "cpe:2.3:a:isc:dhcp:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r10:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r10_b1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r10b1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r10_rc1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r10rc1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r11:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r11_b1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r11b1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r11rc1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc2:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r11rc2:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r12:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r12-p1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r12_b1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r12_p1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r12b1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r13:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r13_b1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r13b1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r14:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r14_b1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r14b1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r15:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r15-p1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r15_b1:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r16:*:*:*:*:*:*",
        "cpe:2.3:a:isc:dhcp:4.1-esv:r16-p1:*:*:*:*:*:*"
    ],
    "source": [
        "CPE_RANGE",
        "CPE_STRING"
    ],
    "extracted_events": [
        {
            "introduced": "4.4.0"
        },
        {
            "last_affected": "4.4.3"
        },
        {
            "introduced": "4.1-esv-r1"
        },
        {
            "last_affected": "4.1-esv-r1"
        },
        {
            "introduced": "4.1-esv-r10"
        },
        {
            "last_affected": "4.1-esv-r10"
        },
        {
            "introduced": "4.1-esv-r10_b1"
        },
        {
            "last_affected": "4.1-esv-r10_b1"
        },
        {
            "introduced": "4.1-esv-r10b1"
        },
        {
            "last_affected": "4.1-esv-r10b1"
        },
        {
            "introduced": "4.1-esv-r10_rc1"
        },
        {
            "last_affected": "4.1-esv-r10_rc1"
        },
        {
            "introduced": "4.1-esv-r10rc1"
        },
        {
            "last_affected": "4.1-esv-r10rc1"
        },
        {
            "introduced": "4.1-esv-r11"
        },
        {
            "last_affected": "4.1-esv-r11"
        },
        {
            "introduced": "4.1-esv-r11_b1"
        },
        {
            "last_affected": "4.1-esv-r11_b1"
        },
        {
            "introduced": "4.1-esv-r11b1"
        },
        {
            "last_affected": "4.1-esv-r11b1"
        },
        {
            "introduced": "4.1-esv-r11_rc1"
        },
        {
            "last_affected": "4.1-esv-r11_rc1"
        },
        {
            "introduced": "4.1-esv-r11rc1"
        },
        {
            "last_affected": "4.1-esv-r11rc1"
        },
        {
            "introduced": "4.1-esv-r11_rc2"
        },
        {
            "last_affected": "4.1-esv-r11_rc2"
        },
        {
            "introduced": "4.1-esv-r11rc2"
        },
        {
            "last_affected": "4.1-esv-r11rc2"
        },
        {
            "introduced": "4.1-esv-r12"
        },
        {
            "last_affected": "4.1-esv-r12"
        },
        {
            "introduced": "4.1-esv-r12\\-p1"
        },
        {
            "last_affected": "4.1-esv-r12\\-p1"
        },
        {
            "introduced": "4.1-esv-r12_b1"
        },
        {
            "last_affected": "4.1-esv-r12_b1"
        },
        {
            "introduced": "4.1-esv-r12_p1"
        },
        {
            "last_affected": "4.1-esv-r12_p1"
        },
        {
            "introduced": "4.1-esv-r12b1"
        },
        {
            "last_affected": "4.1-esv-r12b1"
        },
        {
            "introduced": "4.1-esv-r13"
        },
        {
            "last_affected": "4.1-esv-r13"
        },
        {
            "introduced": "4.1-esv-r13_b1"
        },
        {
            "last_affected": "4.1-esv-r13_b1"
        },
        {
            "introduced": "4.1-esv-r13b1"
        },
        {
            "last_affected": "4.1-esv-r13b1"
        },
        {
            "introduced": "4.1-esv-r14"
        },
        {
            "last_affected": "4.1-esv-r14"
        },
        {
            "introduced": "4.1-esv-r14_b1"
        },
        {
            "last_affected": "4.1-esv-r14_b1"
        },
        {
            "introduced": "4.1-esv-r14b1"
        },
        {
            "last_affected": "4.1-esv-r14b1"
        },
        {
            "introduced": "4.1-esv-r15"
        },
        {
            "last_affected": "4.1-esv-r15"
        },
        {
            "introduced": "4.1-esv-r15\\-p1"
        },
        {
            "last_affected": "4.1-esv-r15\\-p1"
        },
        {
            "introduced": "4.1-esv-r15_b1"
        },
        {
            "last_affected": "4.1-esv-r15_b1"
        },
        {
            "introduced": "4.1-esv-r16"
        },
        {
            "last_affected": "4.1-esv-r16"
        },
        {
            "introduced": "4.1-esv-r16\\-p1"
        },
        {
            "last_affected": "4.1-esv-r16\\-p1"
        }
    ]
}

Affected versions

4.*
4.1-esv-r1
4.1-esv-r10
4.1-esv-r10_b1
4.1-esv-r10_rc1
4.1-esv-r11
4.1-esv-r11_b1
4.1-esv-r11_rc1
4.1-esv-r11_rc2
4.1-esv-r12
4.1-esv-r12\-p1
4.1-esv-r13
4.1-esv-r13_b1
4.1-esv-r14
4.1-esv-r14_b1
4.1-esv-r15
4.1-esv-r15\-p1
4.1-esv-r16
4.1-esv-r16\-p1
Other
list
v4_1_esv_R4_Oracle
v4_1_esv_r1
v4_1_esv_r10
v4_1_esv_r10b1
v4_1_esv_r10rc1
v4_1_esv_r11
v4_1_esv_r11b1
v4_1_esv_r11rc1
v4_1_esv_r11rc2
v4_1_esv_r12
v4_1_esv_r12b1
v4_1_esv_r13
v4_1_esv_r13b1
v4_1_esv_r14
v4_1_esv_r14b1
v4_1_esv_r15
v4_1_esv_r15b1
v4_1_esv_r16b1
v4_1_esv_r2
v4_1_esv_r3
v4_1_esv_r4
v4_1_esv_r5
v4_1_esv_r5b1
v4_1_esv_r5rc1
v4_1_esv_r5rc2
v4_1_esv_r6
v4_1_esv_r7
v4_1_esv_r8
v4_1_esv_r8b1
v4_1_esv_r8rc1
v4_1_esv_r9
v4_1_esv_r9b1
v4_1_esv_r9rc1
v4_4_0
v4_4_0_f1
v4_4_1
v4_4_1_f1
v4_4_2
v4_4_2_f1
v4_4_2b1
v4_4_2b1_f1
v4_4_2b1_f2
v4_4_3

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-2928.json"