An update for dhcp is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS,openEuler-24.03-LTS-SP1 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2025-1341 Final 1.0 1.0 2025-03-29 Initial 2025-03-29 2025-03-29 openEuler SA Tool V1.0 2025-03-29 dhcp security update An update for dhcp is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS,openEuler-24.03-LTS-SP1 The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on UDP/IP networks whereby a DHCP server dynamically assigns an IP address and other network configuration parameters to each device on a network so they can communicate with other IP networks. Security Fix(es): It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources processing the queries. Zones will usually need to have been deliberately crafted to attack this exposure. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.32-S1.(CVE-2024-11187) An update for dhcp is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS,openEuler-24.03-LTS-SP1. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High dhcp https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1341 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-11187 https://nvd.nist.gov/vuln/detail/CVE-2024-11187 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP3 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS openEuler-24.03-LTS-SP1 dhcp-4.4.2-14.oe2003sp4.aarch64.rpm dhcp-debuginfo-4.4.2-14.oe2003sp4.aarch64.rpm dhcp-debugsource-4.4.2-14.oe2003sp4.aarch64.rpm dhcp-devel-4.4.2-14.oe2003sp4.aarch64.rpm dhcp-4.4.3-9.oe2203sp3.aarch64.rpm dhcp-debuginfo-4.4.3-9.oe2203sp3.aarch64.rpm dhcp-debugsource-4.4.3-9.oe2203sp3.aarch64.rpm dhcp-devel-4.4.3-9.oe2203sp3.aarch64.rpm dhcp-4.4.3-9.oe2203sp4.aarch64.rpm dhcp-debuginfo-4.4.3-9.oe2203sp4.aarch64.rpm dhcp-debugsource-4.4.3-9.oe2203sp4.aarch64.rpm dhcp-devel-4.4.3-9.oe2203sp4.aarch64.rpm dhcp-4.4.3-10.oe2403.aarch64.rpm dhcp-debuginfo-4.4.3-10.oe2403.aarch64.rpm dhcp-debugsource-4.4.3-10.oe2403.aarch64.rpm dhcp-devel-4.4.3-10.oe2403.aarch64.rpm dhcp-4.4.3-10.oe2403sp1.aarch64.rpm dhcp-debuginfo-4.4.3-10.oe2403sp1.aarch64.rpm dhcp-debugsource-4.4.3-10.oe2403sp1.aarch64.rpm dhcp-devel-4.4.3-10.oe2403sp1.aarch64.rpm dhcp-4.4.2-14.oe2003sp4.src.rpm dhcp-4.4.3-9.oe2203sp3.src.rpm dhcp-4.4.3-9.oe2203sp4.src.rpm dhcp-4.4.3-10.oe2403.src.rpm dhcp-4.4.3-10.oe2403sp1.src.rpm dhcp-4.4.2-14.oe2003sp4.x86_64.rpm dhcp-debuginfo-4.4.2-14.oe2003sp4.x86_64.rpm dhcp-debugsource-4.4.2-14.oe2003sp4.x86_64.rpm dhcp-devel-4.4.2-14.oe2003sp4.x86_64.rpm dhcp-4.4.3-9.oe2203sp3.x86_64.rpm dhcp-debuginfo-4.4.3-9.oe2203sp3.x86_64.rpm dhcp-debugsource-4.4.3-9.oe2203sp3.x86_64.rpm dhcp-devel-4.4.3-9.oe2203sp3.x86_64.rpm dhcp-4.4.3-9.oe2203sp4.x86_64.rpm dhcp-debuginfo-4.4.3-9.oe2203sp4.x86_64.rpm dhcp-debugsource-4.4.3-9.oe2203sp4.x86_64.rpm dhcp-devel-4.4.3-9.oe2203sp4.x86_64.rpm dhcp-4.4.3-10.oe2403.x86_64.rpm dhcp-debuginfo-4.4.3-10.oe2403.x86_64.rpm dhcp-debugsource-4.4.3-10.oe2403.x86_64.rpm dhcp-devel-4.4.3-10.oe2403.x86_64.rpm dhcp-4.4.3-10.oe2403sp1.x86_64.rpm dhcp-debuginfo-4.4.3-10.oe2403sp1.x86_64.rpm dhcp-debugsource-4.4.3-10.oe2403sp1.x86_64.rpm dhcp-devel-4.4.3-10.oe2403sp1.x86_64.rpm dhcp-help-4.4.2-14.oe2003sp4.noarch.rpm dhcp-help-4.4.3-9.oe2203sp3.noarch.rpm dhcp-help-4.4.3-9.oe2203sp4.noarch.rpm dhcp-help-4.4.3-10.oe2403.noarch.rpm dhcp-help-4.4.3-10.oe2403sp1.noarch.rpm It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources processing the queries. Zones will usually need to have been deliberately crafted to attack this exposure. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.32-S1. 2025-03-29 CVE-2024-11187 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP3 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS openEuler-24.03-LTS-SP1 High 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H dhcp security update 2025-03-29 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1341