CVE-2017-3144
isc-dhcp - security update
CVSS 3.1: 7.5 (HIGH)
EPSS: 11.8%
Description
A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested.
How to fix CVE-2017-3144
To remediate CVE-2017-3144, upgrade the affected package to a fixed version below.
- upgrade to 4.3.5-3.1 or later
- upgrade to 4.3.1-6+deb8u3 or later
Is CVE-2017-3144 being exploited?
Moderate — EPSS is 11.8%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 4.3.5-3.1
- from 0, < 4.3.1-6+deb8u3
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |