VDB
ALPINE-CVE-2022-2929
ALPINE-CVE-2022-2929
PUBLISHED
CVSS 6.5 MEDIUM
In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.15 | dhcp | 4.2.0, 4.2.0-r0, 4.1.1 |
| Alpine:v3.20 | dhcp | 4.4.1-r1, 4.4.1-r2, 4.4.1-r3 |
| Alpine:v3.17 | dhcp | 4.4.1-r0, 4.3.5-r0, 4.3.4-r3 |
| Alpine:v3.13 | dhcp | 0, 4.1.0-r0, 4.1.0_p1-r0 |
| Alpine:v3.14 | dhcp | 0, 4.1.0-r0, 4.1.0_p1-r0 |
| Alpine:v3.19 | dhcp | 0, 4.1.0-r0, 4.1.0_p1-r0 |
| Alpine:v3.16 | dhcp | 4.3.4-r0, 0, 4.1.0-r0 |
| Alpine:v3.18 | dhcp | 4.2.5_p1-r0, 4.2.4_p2-r0, 4.2.4_p1-r1 |
Timeline
- Oct 7, 2022 CVE Published
- Nov 19, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch