Infinite loop in uid_hash_delete (possible DoS)

sscdvp at sscdvp at
Sat Aug 13 20:17:27 UTC 2011

It seems that all previous ISC DHCP versions (including 3.1-ESV) are
vulnerable to that bug. Because the code related to uid_hash_delete(),
uid_hash_add() has no changes since it was written for 3.0 version (only
minor change: lease_hash_t was split to two lease_id_hash_t and
lease_ip_hash_t since 3.0).

The subject should be renamed to "Infinite loop in uid_hash_delete" because
the code snippet was taken from uid_hash_delete().

Best regards,
Serghei Samsi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the dhcp-users mailing list