Back to Top

Security tips

Red Hat Linux DHCP client vulnerability



Felix Wilhelm, a member of Google's security team, has recently discovered a critical vulnerability in the Red Hat Enterprise Linux DHCP client. Since several other Linux distributions include the affected Network Manager integration script by default (Fedora, for example) the problem is very serious, and the affected distros should be patched as quickly as possible.


The vulnerability can be tracked as CVE–2018–1111 and is one that can easily be exploited by attackers, who may be able to get root access on the targeted computers, and then either execute commands remotely or run various scripts.


In a nutshell, the DHCP remote root command is vulnerable to command injection. This means that an attacker who has set up a malicious DHCP server or has planted a device on the local network, being able to intercept, and then spoof DHCP responses, could easily get access to shell commands as a root user.


The DHCP protocol is utilized by the central server to automatically configure the hosts that connect to the network. When a new host is connected, the central server will assign it the needed network configuration parameters – its IP address, for example.


While it is possible to disable the vulnerable script, and thus prevent the attackers from gaining access to the computers, it is important to understand that if you decide to do that, at least some of the configuration parameters which are served by the DHCP server will not work properly. We have gotten this information from official sources, so be sure to avoid doing this.


Instead, if your computers run one of the affected Linux distributions, you should update their operating systems as quickly as possible. The good news is that many of the most popular distros such as Ubuntu aren't affected, because they use a different DHCP client implementation. To see if your computers are vulnerable, check out the CVE–2018–1111 link highlighted above.


Red Hat and Fedora have already released patches that fix this vulnerability. Hopefully, by the time you will be done reading this article, your favorite Linux distro will have been patched as well.