PublicDateAtUSN: 2016-01-12
Candidate: CVE-2015-8605
CRD: 2016-01-12
PublicDate: 2016-01-14 22:59:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8605
 https://kb.isc.org/article/AA-01334
 https://ubuntu.com/security/notices/USN-2868-1
Description:
 ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows
 remote attackers to cause a denial of service (application crash) via an
 invalid length field in a UDP IPv4 packet.
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: medium
Discovered-by: Sebastian Poehn
Assigned-to: mdeslaur
CVSS:
 nvd: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [6.5 MEDIUM]

Patches_isc-dhcp:
upstream_isc-dhcp: released (4.1-ESV-R13,4.3.3-P1)
precise_isc-dhcp: released (4.1.ESV-R4-0ubuntu5.10)
trusty_isc-dhcp: released (4.2.4-7ubuntu12.4)
trusty/esm_isc-dhcp: released (4.2.4-7ubuntu12.4)
vivid_isc-dhcp: released (4.3.1-5ubuntu2.3)
wily_isc-dhcp: released (4.3.1-5ubuntu3.1)
devel_isc-dhcp: released (4.3.1-5ubuntu5)
vivid/stable-phone-overlay_isc-dhcp: released (4.3.1-5ubuntu2.3)
vivid/ubuntu-core_isc-dhcp: released (4.3.1-5ubuntu2.3)