Home / mailings [USN-7759-1] Kea DHCP vulnerabilities
Posted on 24 September 2025
Ubuntu Security==========================================================================Ubuntu Security Notice USN-7759-1
September 21, 2025
isc-kea vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Kea DHCP could be made to crash if it received specially crafted network
traffic.
Software Description:
- isc-kea: Standards-based DHCP server
Details:
It was discovered that Kea DHCP did not correctly handle invalid hostnames.
A remote attacker could possibly use this issue to cause a denial of
service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
kea-admin 1.1.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
kea-common 1.1.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
kea-dhcp-ddns-server 1.1.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
kea-dhcp4-server 1.1.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
kea-dhcp6-server 1.1.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
kea-admin 1.0.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
kea-common 1.0.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
kea-dhcp-ddns-server 1.0.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
kea-dhcp4-server 1.0.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
kea-dhcp6-server 1.0.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
After a standard system update you may need to restart Kea DHCP server
instances to make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7759-1
CVE-2019-6473
--===============5414411264069426034==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
