rpm package: opensuse/kea (distro: openSUSE Tumbleweed)

Package URL: pkg:rpm/opensuse/kea&distro=openSUSE%20Tumbleweed
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-3608 | — | | | < 3.0.3-1.1 | 3.0.3-1.1 | Mar 25, 2026 | Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error. This issue affects Kea versions 2.6.0 through 2.6.4 and 3. |
| CVE-2025-11232 | High | 7.5 | | < 3.0.2-1.1 | 3.0.2-1.1 | Oct 29, 2025 | To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "[^A-Za-z0-9.-]"; "hostname-char-replacement" must be empty (the default); and "ddns-qualifying-suffix" must *NOT* be empty (the def |
| CVE-2025-40779 | High | 7.5 | | < 3.0.1-1.1 | 3.0.1-1.1 | Aug 27, 2025 | If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the `kea-dhcp4` process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not |
| CVE-2025-32803 | Medium | 4.0 | | < 2.6.3-1.1 | 2.6.3-1.1 | May 28, 2025 | In some cases, Kea log files or lease files may be world-readable. This issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8. |
| CVE-2025-32802 | Medium | 6.1 | | < 2.6.3-1.1 | 2.6.3-1.1 | May 28, 2025 | Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affec |
| CVE-2025-32801 | High | 7.8 | | < 2.6.3-1.1 | 2.6.3-1.1 | May 28, 2025 | Kea configuration and API directives can be used to load a malicious hook library. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions 2.4.0 through 2.4.1 |