Buffer Overflow in Dhcp6relay in Software for Open Networking in the Cloud (SONiC)

CVE ID

CVE-2022-0324

Description

There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp relay docker to shutdown.

Tested Versions

202111

Details

SONiC is an open source network operating system based on Linux that runs on switches from multiple vendors and ASICs.

Timeline

  • 2021-12-31 - Vendor Disclosure
  • 2022-01-28 - Vendor Patched
  • 2022-08-01 - Public Release

Credit

Discovered by Eugene Lim of GovTech Singapore.