CVE-2026-3608
Stack Overflow in Kea DHCP Daemons Causes Service Crash
Publication date: 2026-03-25
Last updated on: 2026-03-25
Assigner: Internet Systems Consortium (ISC)
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| isc | kea | From 2.6.0 (inc) to 2.6.4 (inc) |
| isc | kea | From 3.0.0 (inc) to 3.0.2 (inc) |
| isc | kea | 2.6.5 |
| isc | kea | 3.0.3 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-617 | The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs when a maliciously crafted message is sent to certain Kea daemons, specifically kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6, over any configured API socket or HA listener.
The crafted message causes the receiving daemon to experience a stack overflow error, which results in the daemon exiting unexpectedly.
It affects Kea versions 2.6.0 through 2.6.4 and 3.0.0 through 3.0.2.
How can this vulnerability impact me? :
The impact of this vulnerability is that an attacker can cause the affected Kea daemons to crash by sending a specially crafted message.
This results in a denial of service condition, as the daemon exits due to a stack overflow error.
Since the availability of the DHCP services provided by these daemons is disrupted, network operations relying on these services may be interrupted.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know