CVE-2025-11232 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "[^A-Za-z0-9…
High CVSS: 7.5

CVE-2025-11232

To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "[^A-Za-z0-9.-]"; "hostname-char-replacement" must be empty (the default); and "ddns-qualifying-suffix" must *NOT* be empty (the default is empty). DDNS updates do not need to be enabled for this issue to manifest. A client that sends certain option content would then cause kea-dhcp4 to exit unexpectedly.
This issue affects Kea versions 3.0.1 through 3.0.1 and 3.1.1 through 3.1.2.
Vendor
-
Product
-
CWE
CWE-823
Yayın Tarihi
2025-10-29 18:15:40
Güncelleme
2025-11-04 22:16:05
Source Identifier
security-officer@isc.org
KEV Date Added
-

Kategoriler

CWE-823 HIGH 2025

Referanslar

https://kb.isc.org/docs/cve-2025-11232 http://www.openwall.com/lists/oss-security/2025/10/29/5