Back

Fedora 42 and 43 Kea 3.0.3 Denial of Service Vulnerability Fix Released

Severity: Medium (Score: 57.9)

Sources: Linuxsecurity

Summary

On April 8, 2026, two articles reported on the release of version 3.0.3 of the Kea DHCP server, which addresses a critical Denial of Service vulnerability identified as CVE-2026-3608. This vulnerability, published on March 25, 2026, allows attackers to exploit the DHCP server through maliciously crafted messages, potentially disrupting services for affected users. The vulnerability impacts both Fedora 42 and Fedora 43 systems running the Kea DHCP server. Users are advised to upgrade to the patched version 3.0.3 to mitigate the risk. The update can be installed using the 'dnf' package manager with specific commands provided in the articles. The vulnerability's scope includes all systems utilizing the affected DHCP implementation. The articles emphasize the importance of applying the update promptly to avoid service disruptions. Key Points: • CVE-2026-3608 is a Denial of Service vulnerability in Kea DHCP servers. • Affected systems include Fedora 42 and Fedora 43 with Kea DHCP server installed. • Users should upgrade to version 3.0.3 to mitigate the vulnerability immediately.

Key Entities

  • Denial of Service (attack_type)
  • CVE-2026-3608 (cve)
  • Fedora (company)
  • Kea (platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed