ASA-201803-4 log original external raw

[ASA-201803-4] dhcp: denial of service
Arch Linux Security Advisory ASA-201803-4 ========================================= Severity: High Date : 2018-03-05 CVE-ID : CVE-2018-5733 Package : dhcp Type : denial of service Remote : Yes Link : Summary ======= The package dhcp before version 4.4.1-1 is vulnerable to denial of service. Resolution ========== Upgrade to 4.4.1-1. # pacman -Syu "dhcp>=4.4.1-1" The problem has been fixed upstream in version 4.4.1. Workaround ========== None. Description =========== A denial of service flaw was found in the way dhcpd handled reference counting when processing client requests. A malicious DHCP client could use this flaw to trigger a reference count overflow on the server side, potentially causing dhcpd to crash, by sending large amounts of traffic. Impact ====== A remote attacker is able to crash the dhcpd process by sending large amounts of traffic. References ==========;a=commitdiff;h=197b26f25309f947b97a83b8fdfc414b767798f8