CVE-2018-5739 : Exploit Details and Defense Strategies

Kea DHCP 1.4.0 vulnerability (CVE-2018-5739) causes memory leaks, leading to system resource exhaustion and server crashes. Learn how to mitigate and prevent this issue.

Kea DHCP 1.4.0 introduced a memory leak issue due to a new feature, causing memory exhaustion and server failure.

Understanding CVE-2018-5739

What is CVE-2018-5739?

In Kea DHCP 1.4.0, a memory leak vulnerability was introduced through a new feature related to hooks, leading to memory depletion and potential server crashes.

The Impact of CVE-2018-5739

The vulnerability can exhaust system memory, causing Kea DHCP servers to fail, especially when specific hook library functionalities are utilized.

Technical Details of CVE-2018-5739

Vulnerability Description

        Kea 1.4.0's callout handle store fails to release memory properly in certain scenarios, so hooks that use the query4 or query6 parameters in their callouts can leak memory.

Affected Systems and Versions

        Product: Kea DHCP
        Vendor: ISC
        Version: Kea DHCP 1.4.0

Exploitation Mechanism

        Attack Complexity: Low
        Attack Vector: Adjacent Network
        Availability Impact: High

Mitigation and Prevention

Immediate Steps to Take

        Upgrade to Kea 1.4.0-P1 or higher
        Monitor and restart Kea DHCP services regularly

Long-Term Security Practices

        Run Kea without hook libraries using the callout store
        Revert to Kea DHCP 1.3.0 cautiously
        Contact security-officer@isc.org for rollback assistance

Patching and Updates

        Solutions: Upgrade to Kea 1.4.0-P1 or higher
        Additional information available at https://kb.isc.org/docs/aa-01626
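
The mitigation steps above reduce to two checks per server: is it running 1.4.0, and does it load any hook libraries? The following is an added example, not code from ISC or from this page. It assumes the version string is copied from the server and that hooks are declared under the `hooks-libraries` key of the Dhcp4/Dhcp6 sections; the status labels, the sample config and its library path are constructed for illustration.

```python
import json
import re

AFFECTED = (1, 4, 0, 0)  # Kea 1.4.0, the only version the advisory lists

def parse_version(text):
    """Turn '1.4.0' or '1.4.0-P1' into (major, minor, patch, p_level)."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\.(\d+)(?:-P(\d+))?\s*", text)
    if not m:
        raise ValueError(f"unrecognised Kea version: {text!r}")
    return tuple(int(g) if g else 0 for g in m.groups())

def hook_libraries(config_text):
    """List (section, library path) for every configured hook library."""
    # Simplification: drop whole-line '#' and '//' comments before JSON parsing.
    lines = [l for l in config_text.splitlines()
             if not l.lstrip().startswith(("#", "//"))]
    cfg = json.loads("\n".join(lines))
    return [(section, entry.get("library", "<unnamed>"))
            for section in ("Dhcp4", "Dhcp6")
            for entry in cfg.get(section, {}).get("hooks-libraries", [])]

def assess(version_text, config_text):
    """Return (status, hooks) for one server."""
    hooks = hook_libraries(config_text)
    if parse_version(version_text) != AFFECTED:
        return "version-not-listed", hooks
    # The config cannot show whether a hook uses the callout store, so
    # every loaded library on 1.4.0 is reported for manual review.
    return ("upgrade-and-review-hooks" if hooks else "upgrade-no-hooks"), hooks

# Constructed sample input: the library path is a placeholder.
SAMPLE_CONFIG = """
# constructed example, not a real deployment
{
  "Dhcp4": {
    "hooks-libraries": [
      { "library": "/opt/example/hooks/libexample_hook.so" }
    ]
  }
}
"""

if __name__ == "__main__":
    for version in ("1.4.0", "1.4.0-P1", "1.3.0"):
        print(version, assess(version, SAMPLE_CONFIG))
```

A server reported as `upgrade-no-hooks` is still on 1.4.0 and should be upgraded; the label only indicates that no hook library is loaded from the configuration checked.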
