Wednesday, May 16, 2018

Security Update: Red Hat Linux DHCP Client

[2018-05-19]

All the affected Cloud Images has been updated.

--------

A new security vulnerability in the DHCP client implementation of Red Hat Linux has been discovered. The vulnerability, tracked as CVE-2018-1111, could allow attackers to execute arbitrary commands with root privileges on targeted systems. This issue affects Red Hat, Oracle Enterprise Linux, and CentOS servers. For further information, check the Red Hat official announcement.

The command injection flaw resides in the NetworkManager integration script included in the DHCP client packages. A malicious DHCP server or an attacker on the local network able to spoof DHCP responses could use this vulnerability to execute arbitrary commands with root privileges on systems. This is possible by configuring the NetworkManager to obtain network configuration using the DHCP protocol. Red Hat has confirmed that this vulnerability impacts both the Red Hat Enterprise Linux 6 and 7. It is strongly recommended to update the dhclient package (as soon as the newer versions will be available) if you are running one of these affected versions.

We believe it is of the utmost importance to quickly address any security issues in applications distributed by Bitnami. Our team is working to update all of the affected Cloud Images available through Bitnami for all Cloud Providers. We will keep you updated in this blog post.

How to mitigate the issue

In the meantime, you can mitigate this problem by updating the tool using the package manager included in the affected systems (yum).

  sudo yum install dhcp-common

Once updated, you will have one of the following versions:

  • RedHat:           4.2.5-68.el7_5.1
  • CentOS:           4.2.5-68.el7.centos.1
  • Oracle Server:  4.2.5-68.0.1.el7_5.1 

Red Hat warns: "Users have the option to remove or disable the vulnerable script, but this will prevent certain configuration parameters provided by the DHCP server from being configured on a local system, such as addresses of the local NTP or NIS servers".

How to obtain the installed version of the package

To check the currently installed version on your system:

  sudo yum -q info installed dhcp-common

If you have additional questions about this security issue, post them in our community forum, and we will be happy to help you.