FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ISC KEA -- kea-dhcp4 aborts if client sends a broadcast request with particular options

Affected packages
3.0.0	<=	kea	<	3.0.1
3.1.0	<=	kea-devel	<	3.1.1
2.7.1	<=	kea-devel	<=	2.7.9

Details

VuXML ID	f727fe60-8389-11f0-8438-001b217e4ee5
Discovery	2025-08-27
Entry	2025-08-27

Internet Systems Consortium, Inc. reports:

We corrected an issue in `kea-dhcp4` that caused the server to abort if a client sent a broadcast request with particular options, and Kea failed to find an appropriate subnet for that client. This addresses CVE-2025-40779 [#4055, #4048].

[source]

References

CVE Name

CVE-2025-40779