If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the `kea-dhcp4` process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem.
This issue affects Kea versions 2.7.1 through 2.7.9, 3.0.0, and 3.1.0.
History
Fri, 29 Aug 2025 00:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References | | |
Metrics | threat_severity | threat_severity |
Thu, 28 Aug 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics | ssvc |
Thu, 28 Aug 2025 07:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared | Isc, Isc kea | |
Vendors & Products | Isc, Isc kea |
Wed, 27 Aug 2025 20:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the `kea-dhcp4` process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem. This issue affects Kea versions 2.7.1 through 2.7.9, 3.0.0, and 3.1.0. | |
Title | Kea crash upon interaction between specific client options and subnet selection | |
Weaknesses | CWE-476 | |
References | | |
Metrics | cvssV3_1 |

Status: PUBLISHED
Assigner: isc
Published:
Updated: 2025-08-28T14:08:05.935Z
Reserved: 2025-04-16T08:44:49.857Z
Link: CVE-2025-40779

Updated: 2025-08-28T14:08:00.526Z

Status : Awaiting Analysis
Published: 2025-08-27T21:15:54.960
Modified: 2025-08-29T16:24:09.860
Link: CVE-2025-40779


Updated: 2025-08-28T07:40:55Z