kea
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | High-performance, extensible DHCP server engine from ISC, supporting both DHCPv4 and DHCPv6 |
| Version |
3.0.0-4 [extra-testing] 2.6.3-2 [extra] |
Open
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2886 | 2.6.2-1 | High | Vulnerable |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2025-32803 | AVG-2886 | Medium | No | Information disclosure | In some cases, Kea log files or lease files may be world-readable. If an attacker has access to a local unprivileged user account, they would be able to... |
| CVE-2025-32802 | AVG-2886 | Medium | No | Privilege escalation | Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as... |
| CVE-2025-32801 | AVG-2886 | High | No | Privilege escalation | Kea configuration and API directives can be used to load a malicious hook library. Many common configurations run Kea as root, leave the API entry points... |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-1032 | 1.5.0-14 | 1.8.0-1 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2019-6474 | AVG-1032 | High | Yes | Denial of service | An issue has been found in the Kea DHCPv6 server before 1.6.0 or 1.5.0-P1, where a missing check on incoming client requests can be exploited to cause a... |
| CVE-2019-6473 | AVG-1032 | Medium | Yes | Denial of service | An issue has been found in the Kea DHCPv6 server before 1.6.0 or 1.5.0-P1, which can exit with an assertion failure if it receives a packed containing a... |
| CVE-2019-6472 | AVG-1032 | High | Yes | Denial of service | An issue has been found in the Kea DHCPv6 server before 1.6.0 or 1.5.0-P1, which can exit with an assertion failure if the DHCPv6 server process receives a... |