Multiple products - Integer overflow in dhcpd daemon
Fortinet PSIRT Advisories
Fortinet PSIRT Contact:
Website: https://fortiguard.fortinet.com/faq/psirt-contact
FG-IR-21-155
Final
1
1
2022-07-05T00:00:00
Current version
2022-07-05T00:00:00
2022-07-05T00:00:00
An integer overflow / wraparound vulnerability [CWE-190] in the FortiOS, FortiProxy, FortiSwitch, FortiRecoder, and FortiVoiceEnterprise dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service.
None
Denial of service
FortiOS version 7.0.3 and below. FortiOS version 6.4.8 and below. FortiOS version 6.2.10 and below. FortiOS version 6.0.x. FortiProxy version 7.0.0. Fortiproxy version 2.0.6 and below. FortiProxy version 1.2.x. FortiProxy version 1.1.x. FortiProxy version 1.0.x. FortiSwitch version 7.0.2 and below. FortiSwitch version 6.4.9 and below. FortiSwitch version 6.2.x. FortiSwitch version 6.0.x. FortiRecorder version 6.4.2 and below. FortiRecorder version 6.0.10 and below. FortiVoiceEnterprise version 6.4.3 and below. FortiVoiceEnterprise version 6.0.10 and below.
Please upgrade to FortiOS version 7.0.4 or above. Please upgrade to FortiOS version 6.4.9 or above. Please upgrade to FortiOS version 6.2.11 or above. Please upgrade to FortiProxy version 7.0.1 or above. Please upgrade to FortiProxy version 2.0.7 or above. Please upgrade to FortiSwitch version 7.2.0 or above. Please upgrade to FortiSwitch version 7.0.3 or above. Please upgrade to FortiSwitch version 6.4.10 or above. Please upgrade to FortiRecorder version 6.4.3 or above. Please upgrade to FortiRecorder version 6.0.11 or above. Please upgrade to FortiVoiceEnterprise version 6.4.4 or above Please upgrade to FortiVoiceEnterprise version 6.0.11 or above
Fortinet is pleased to thank Nanyu Zhong and Yu Zhang from VARAS@IIE for reporting this vulnerability under responsible disclosure.
FortiOS 7.0.2
FortiOS 7.0.1
FortiOS 7.0.0
FortiOS 6.4.7
FortiOS 6.4.6
FortiOS 6.4.5
FortiOS 6.4.4
FortiOS 6.4.3
FortiOS 6.4.2
FortiOS 6.4.1
FortiOS 6.4.0
FortiOS 6.2.10
FortiOS 6.2.9
FortiOS 6.2.8
FortiOS 6.2.7
FortiOS 6.2.6
FortiOS 6.2.5
FortiOS 6.2.4
FortiOS 6.2.3
FortiOS 6.2.2
FortiOS 6.2.1
FortiOS 6.2.0
FortiOS 6.0.18
FortiOS 6.0.17
FortiOS 6.0.16
FortiOS 6.0.15
FortiOS 6.0.14
FortiOS 6.0.13
FortiOS 6.0.12
FortiOS 6.0.11
FortiOS 6.0.10
FortiOS 6.0.9
FortiOS 6.0.8
FortiOS 6.0.7
FortiOS 6.0.6
FortiOS 6.0.5
FortiOS 6.0.4
FortiOS 6.0.3
FortiOS 6.0.2
FortiOS 6.0.1
FortiOS 6.0.0
FortiOS 5.6.14
FortiOS 5.6.13
FortiOS 5.6.12
FortiOS 5.6.11
FortiOS 5.6.10
FortiOS 5.6.9
FortiOS 5.6.8
FortiOS 5.6.7
FortiOS 5.6.6
FortiOS 5.6.5
FortiOS 5.6.4
FortiOS 5.6.3
FortiOS 5.6.2
FortiOS 5.6.1
FortiOS 5.6.0
FortiOS 5.4.13
FortiOS 5.4.12
FortiOS 5.4.11
FortiOS 5.4.10
FortiOS 5.4.9
FortiOS 5.4.8
FortiOS 5.4.7
FortiOS 5.4.6
FortiOS 5.4.5
FortiOS 5.4.4
FortiOS 5.4.3
FortiOS 5.4.2
FortiOS 5.4.1
FortiOS 5.4.0
FortiProxy 7.0.0
FortiProxy 2.0.6
FortiProxy 2.0.5
FortiProxy 2.0.4
FortiProxy 2.0.3
FortiProxy 2.0.2
FortiProxy 2.0.1
FortiProxy 2.0.0
FortiProxy 1.2.13
FortiProxy 1.2.12
FortiProxy 1.2.11
FortiProxy 1.2.10
FortiProxy 1.2.9
FortiProxy 1.2.8
FortiProxy 1.2.7
FortiProxy 1.2.6
FortiProxy 1.2.5
FortiProxy 1.2.4
FortiProxy 1.2.3
FortiProxy 1.2.2
FortiProxy 1.2.1
FortiProxy 1.2.0
FortiProxy 1.1.6
FortiProxy 1.1.5
FortiProxy 1.1.4
FortiProxy 1.1.3
FortiProxy 1.1.2
FortiProxy 1.1.1
FortiProxy 1.1.0
FortiProxy 1.0.7
FortiProxy 1.0.6
FortiProxy 1.0.5
FortiProxy 1.0.4
FortiProxy 1.0.3
FortiProxy 1.0.2
FortiProxy 1.0.1
FortiProxy 1.0.0
FortiRecorder 6.4.2
FortiRecorder 6.4.1
FortiRecorder 6.4.0
FortiRecorder 6.0.10
FortiRecorder 6.0.9
FortiRecorder 6.0.8
FortiRecorder 6.0.7
FortiRecorder 6.0.6
FortiRecorder 6.0.5
FortiRecorder 6.0.4
FortiRecorder 6.0.3
FortiRecorder 6.0.2
FortiRecorder 6.0.1
FortiRecorder 6.0.0
FortiSwitch 7.0.2
FortiSwitch 7.0.1
FortiSwitch 7.0.0
FortiSwitch 6.4.9
FortiSwitch 6.4.8
FortiSwitch 6.4.7
FortiSwitch 6.4.6
FortiSwitch 6.4.5
FortiSwitch 6.4.4
FortiSwitch 6.4.3
FortiSwitch 6.4.2
FortiSwitch 6.4.1
FortiSwitch 6.4.0
FortiSwitch 6.2.7
FortiSwitch 6.2.6
FortiSwitch 6.2.5
FortiSwitch 6.2.4
FortiSwitch 6.2.3
FortiSwitch 6.2.2
FortiSwitch 6.2.1
FortiSwitch 6.2.0
FortiSwitch 6.0.7
FortiSwitch 6.0.6
FortiSwitch 6.0.5
FortiSwitch 6.0.4
FortiSwitch 6.0.3
FortiSwitch 6.0.2
FortiSwitch 6.0.1
FortiSwitch 6.0.0
FortiVoice 6.4.3
FortiVoice 6.4.2
FortiVoice 6.4.1
FortiVoice 6.4.0
FortiVoice 6.0.10
FortiVoice 6.0.9
FortiVoice 6.0.8
FortiVoice 6.0.7
FortiVoice 6.0.6
FortiVoice 6.0.5
FortiVoice 6.0.4
FortiVoice 6.0.3
FortiVoice 6.0.2
FortiVoice 6.0.1
FortiVoice 6.0.0
FortiVoice 5.3.26
FortiVoice 5.3.25
FortiVoice 5.3.24
FortiVoice 5.3.23
FortiVoice 5.3.22
FortiVoice 5.3.21
FortiVoice 5.3.20
FortiVoice 5.3.19
FortiVoice 5.3.18
FortiVoice 5.3.17
FortiVoice 5.3.16
FortiVoice 5.3.15
FortiVoice 5.3.14
FortiVoice 5.3.13
FortiVoice 5.3.12
FortiVoice 5.3.11
FortiVoice 5.3.10
FortiVoice 5.3.8
FortiVoice 5.3.7
FortiVoice 5.3.6
FortiVoice 5.3.5
FortiVoice 5.3.4
FortiVoice 5.3.3
FortiVoice 5.3.2
FortiVoice 5.3.1
FortiVoice 5.3.0
Multiple products - Integer overflow in dhcpd daemon
CVE-2021-42755
FortiOS-7.0.2
FortiOS-7.0.1
FortiOS-7.0.0
FortiOS-6.4.7
FortiOS-6.4.6
FortiOS-6.4.5
FortiOS-6.4.4
FortiOS-6.4.3
FortiOS-6.4.2
FortiOS-6.4.1
FortiOS-6.4.0
FortiOS-6.2.10
FortiOS-6.2.9
FortiOS-6.2.8
FortiOS-6.2.7
FortiOS-6.2.6
FortiOS-6.2.5
FortiOS-6.2.4
FortiOS-6.2.3
FortiOS-6.2.2
FortiOS-6.2.1
FortiOS-6.2.0
FortiOS-6.0.18
FortiOS-6.0.17
FortiOS-6.0.16
FortiOS-6.0.15
FortiOS-6.0.14
FortiOS-6.0.13
FortiOS-6.0.12
FortiOS-6.0.11
FortiOS-6.0.10
FortiOS-6.0.9
FortiOS-6.0.8
FortiOS-6.0.7
FortiOS-6.0.6
FortiOS-6.0.5
FortiOS-6.0.4
FortiOS-6.0.3
FortiOS-6.0.2
FortiOS-6.0.1
FortiOS-6.0.0
FortiOS-5.6.14
FortiOS-5.6.13
FortiOS-5.6.12
FortiOS-5.6.11
FortiOS-5.6.10
FortiOS-5.6.9
FortiOS-5.6.8
FortiOS-5.6.7
FortiOS-5.6.6
FortiOS-5.6.5
FortiOS-5.6.4
FortiOS-5.6.3
FortiOS-5.6.2
FortiOS-5.6.1
FortiOS-5.6.0
FortiOS-5.4.13
FortiOS-5.4.12
FortiOS-5.4.11
FortiOS-5.4.10
FortiOS-5.4.9
FortiOS-5.4.8
FortiOS-5.4.7
FortiOS-5.4.6
FortiOS-5.4.5
FortiOS-5.4.4
FortiOS-5.4.3
FortiOS-5.4.2
FortiOS-5.4.1
FortiOS-5.4.0
FortiProxy-7.0.0
FortiProxy-2.0.6
FortiProxy-2.0.5
FortiProxy-2.0.4
FortiProxy-2.0.3
FortiProxy-2.0.2
FortiProxy-2.0.1
FortiProxy-2.0.0
FortiProxy-1.2.13
FortiProxy-1.2.12
FortiProxy-1.2.11
FortiProxy-1.2.10
FortiProxy-1.2.9
FortiProxy-1.2.8
FortiProxy-1.2.7
FortiProxy-1.2.6
FortiProxy-1.2.5
FortiProxy-1.2.4
FortiProxy-1.2.3
FortiProxy-1.2.2
FortiProxy-1.2.1
FortiProxy-1.2.0
FortiProxy-1.1.6
FortiProxy-1.1.5
FortiProxy-1.1.4
FortiProxy-1.1.3
FortiProxy-1.1.2
FortiProxy-1.1.1
FortiProxy-1.1.0
FortiProxy-1.0.7
FortiProxy-1.0.6
FortiProxy-1.0.5
FortiProxy-1.0.4
FortiProxy-1.0.3
FortiProxy-1.0.2
FortiProxy-1.0.1
FortiProxy-1.0.0
FortiRecorder-6.4.2
FortiRecorder-6.4.1
FortiRecorder-6.4.0
FortiRecorder-6.0.10
FortiRecorder-6.0.9
FortiRecorder-6.0.8
FortiRecorder-6.0.7
FortiRecorder-6.0.6
FortiRecorder-6.0.5
FortiRecorder-6.0.4
FortiRecorder-6.0.3
FortiRecorder-6.0.2
FortiRecorder-6.0.1
FortiRecorder-6.0.0
FortiSwitch-7.0.2
FortiSwitch-7.0.1
FortiSwitch-7.0.0
FortiSwitch-6.4.9
FortiSwitch-6.4.8
FortiSwitch-6.4.7
FortiSwitch-6.4.6
FortiSwitch-6.4.5
FortiSwitch-6.4.4
FortiSwitch-6.4.3
FortiSwitch-6.4.2
FortiSwitch-6.4.1
FortiSwitch-6.4.0
FortiSwitch-6.2.7
FortiSwitch-6.2.6
FortiSwitch-6.2.5
FortiSwitch-6.2.4
FortiSwitch-6.2.3
FortiSwitch-6.2.2
FortiSwitch-6.2.1
FortiSwitch-6.2.0
FortiSwitch-6.0.7
FortiSwitch-6.0.6
FortiSwitch-6.0.5
FortiSwitch-6.0.4
FortiSwitch-6.0.3
FortiSwitch-6.0.2
FortiSwitch-6.0.1
FortiSwitch-6.0.0
FortiVoice-6.4.3
FortiVoice-6.4.2
FortiVoice-6.4.1
FortiVoice-6.4.0
FortiVoice-6.0.10
FortiVoice-6.0.9
FortiVoice-6.0.8
FortiVoice-6.0.7
FortiVoice-6.0.6
FortiVoice-6.0.5
FortiVoice-6.0.4
FortiVoice-6.0.3
FortiVoice-6.0.2
FortiVoice-6.0.1
FortiVoice-6.0.0
FortiVoice-5.3.26
FortiVoice-5.3.25
FortiVoice-5.3.24
FortiVoice-5.3.23
FortiVoice-5.3.22
FortiVoice-5.3.21
FortiVoice-5.3.20
FortiVoice-5.3.19
FortiVoice-5.3.18
FortiVoice-5.3.17
FortiVoice-5.3.16
FortiVoice-5.3.15
FortiVoice-5.3.14
FortiVoice-5.3.13
FortiVoice-5.3.12
FortiVoice-5.3.11
FortiVoice-5.3.10
FortiVoice-5.3.8
FortiVoice-5.3.7
FortiVoice-5.3.6
FortiVoice-5.3.5
FortiVoice-5.3.4
FortiVoice-5.3.3
FortiVoice-5.3.2
FortiVoice-5.3.1
FortiVoice-5.3.0
4.2
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:F/RL:U/RC:C
https://fortiguard.fortinet.com/psirt/FG-IR-21-155
Multiple products - Integer overflow in dhcpd daemon
Reference>