CVE-2021-25217

In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:isc:dhcp:*:*:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r10:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r10_b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r10_rc1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r10b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r10rc1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r11:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r11_b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc2:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r11b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r11rc1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r11rc2:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r12:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r12-p1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r12_b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r12_p1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r12b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r13:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r13_b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r13b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r14:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r14_b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r14b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r15:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r15-p1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r15_b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r16:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*

Configuration 14 (hide)

OR cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*

Configuration 15 (hide)

OR cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*
cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*

History

07 Nov 2023, 03:31

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5QI4DYC7J4BGHEW3NH4XHMWTHYC36UK4/', 'name': 'FEDORA-2021-8ca8263bde', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2LB42JWIV4M4WDNXX5VGIP26FEYWKIF/', 'name': 'FEDORA-2021-08cdb4dc34', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5QI4DYC7J4BGHEW3NH4XHMWTHYC36UK4/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LB42JWIV4M4WDNXX5VGIP26FEYWKIF/ -

03 May 2023, 12:15

Type Values Removed Values Added
References
  • (GENTOO) https://security.gentoo.org/glsa/202305-22 -

29 Oct 2022, 02:48

Type Values Removed Values Added
First Time Siemens sinec Ins
References (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf - (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf - Patch, Third Party Advisory
CPE cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*
cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*

13 Sep 2022, 12:15

Type Values Removed Values Added
References
  • (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf -

13 May 2022, 20:47

Type Values Removed Values Added
First Time Siemens ruggedcom Rox Rx1524
Siemens ruggedcom Rox Rx1510 Firmware
Netapp solidfire \& Hci Management Node
Siemens
Netapp
Siemens ruggedcom Rox Rx1501
Siemens ruggedcom Rox Rx1501 Firmware
Siemens ruggedcom Rox Rx1536
Siemens ruggedcom Rox Rx1511
Siemens ruggedcom Rox Rx1536 Firmware
Siemens ruggedcom Rox Rx1500
Siemens ruggedcom Rox Rx1400
Siemens ruggedcom Rox Rx1512 Firmware
Siemens ruggedcom Rox Rx1524 Firmware
Siemens ruggedcom Rox Rx5000
Siemens ruggedcom Rox Mx5000
Siemens ruggedcom Rox Mx5000 Firmware
Siemens ruggedcom Rox Rx1512
Siemens ruggedcom Rox Rx1500 Firmware
Siemens ruggedcom Rox Rx5000 Firmware
Siemens ruggedcom Rox Rx1511 Firmware
Siemens ruggedcom Rox Rx1510
Netapp ontap Select Deploy Administration Utility
Siemens ruggedcom Rox Rx1400 Firmware
References (CONFIRM) https://security.netapp.com/advisory/ntap-20220325-0011/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20220325-0011/ - Third Party Advisory
References (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf - (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf - Patch, Third Party Advisory
CPE cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*

25 Mar 2022, 08:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20220325-0011/ -

10 Mar 2022, 17:42

Type Values Removed Values Added
References
  • (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf -

09 Jun 2021, 16:47

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : 3.3
v3 : 7.4
CWE CWE-119
References (MLIST) https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html - (MLIST) https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html - Mailing List, Third Party Advisory
References (MLIST) http://www.openwall.com/lists/oss-security/2021/05/26/6 - (MLIST) http://www.openwall.com/lists/oss-security/2021/05/26/6 - Mailing List, Patch, Third Party Advisory
References (CONFIRM) https://kb.isc.org/docs/cve-2021-25217 - (CONFIRM) https://kb.isc.org/docs/cve-2021-25217 - Exploit, Vendor Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5QI4DYC7J4BGHEW3NH4XHMWTHYC36UK4/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5QI4DYC7J4BGHEW3NH4XHMWTHYC36UK4/ - Mailing List, Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2LB42JWIV4M4WDNXX5VGIP26FEYWKIF/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2LB42JWIV4M4WDNXX5VGIP26FEYWKIF/ - Mailing List, Third Party Advisory
CPE cpe:2.3:a:isc:dhcp:4.1-esv:r10b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r11b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r14b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r14:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r15:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r10rc1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r12-p1:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r15-p1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r11_rc2:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r15_b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r13_b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:*:*:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r10_b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r11rc2:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r11:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r10_rc1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r12b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r10:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r11_b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r11rc1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r12_b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r13:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r16:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r12:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r12_p1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r14_b1:*:*:*:*:*:*
cpe:2.3:a:isc:dhcp:4.1-esv:r13b1:*:*:*:*:*:*

05 Jun 2021, 04:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5QI4DYC7J4BGHEW3NH4XHMWTHYC36UK4/ -

03 Jun 2021, 14:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html -

03 Jun 2021, 05:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2LB42JWIV4M4WDNXX5VGIP26FEYWKIF/ -
  • (MLIST) http://www.openwall.com/lists/oss-security/2021/05/26/6 -

26 May 2021, 23:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-05-26 22:15

Updated : 2023-12-10 13:55


NVD link : CVE-2021-25217

Mitre link : CVE-2021-25217

CVE.ORG link : CVE-2021-25217


JSON object : View

Products Affected

siemens

  • ruggedcom_rox_rx1536_firmware
  • ruggedcom_rox_mx5000_firmware
  • ruggedcom_rox_rx1510_firmware
  • ruggedcom_rox_rx1511
  • ruggedcom_rox_rx1500
  • ruggedcom_rox_rx1500_firmware
  • ruggedcom_rox_rx1501_firmware
  • ruggedcom_rox_rx1400_firmware
  • ruggedcom_rox_rx1511_firmware
  • ruggedcom_rox_rx1512
  • ruggedcom_rox_rx1536
  • ruggedcom_rox_rx1501
  • ruggedcom_rox_rx1512_firmware
  • ruggedcom_rox_rx1400
  • ruggedcom_rox_rx1524
  • ruggedcom_rox_rx5000
  • ruggedcom_rox_rx1510
  • ruggedcom_rox_rx1524_firmware
  • ruggedcom_rox_mx5000
  • sinec_ins
  • ruggedcom_rox_rx5000_firmware

netapp

  • solidfire_\&_hci_management_node
  • ontap_select_deploy_administration_utility

debian

  • debian_linux

fedoraproject

  • fedora

isc

  • dhcp
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer