Update fixes DoS vulnerability in DHCPv6 server
The Internet Systems Consortium (ISC) has released an update to address a denial of service (DoS) vulnerability in the DHCPv6 server. According to the ISC report, when the DHCPv6 server processes a message for an address that was previously declined, it can trigger an assert failure that crashes the server. This can be exploited remotely to disrupt the allocation of IPv6 addresses. The issue only affects DHCPv6 servers – DHCPv4 servers are unaffected.
According to the ISC, versions 4.0.x to 4.2.x of the DHCPv6 server are affected. Upgrading to 4.1.2-P1, 4.1-ESV-R1 or 4.2.1b1 solves the problem.