[SingCERT] Alert on Red Hat DHCP Client Critical Vulnerability (CVE-2018-1111)
18 May 2018
The Dynamic Host Configuration Protocol (DHCP) is used to configure the network settings of a computer system from a DHCP server. When a system joins the network, its DHCP client application automatically requests network configuration information, such as the Internet Protocol (IP) address, IP routes, default IP gateway, and Domain Name System (DNS) servers, from the nearest, or the first, DHCP server.
On 15 May 2018, Red Hat published a security alert advising users to immediately patch a critical vulnerability found in the NetworkManager integration script included in its DHCP client packages. NetworkManager is a program that uses DHCP.
The flawed script executes with administrative privileges on a system whenever NetworkManager receives a DHCP response from a DHCP server. When successfully exploited, the vulnerability allows an attacker to execute arbitrary commands, resulting in a complete compromise of the system.
The vulnerability, tracked as CVE-2018-1111, is rated "Critical" with the maximum Common Vulnerability Scoring System (CVSS) severity base score of 10 out of 10.