ALSA-2025:9178

[ALSA-2025:9178] Important: kea security update

Type:

security

Severity:

important

Release date:

2025-07-02

Description:

DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers support DNS Update mechanism, using stand-alone DDNS daemon.  

Security Fix(es):  

  * kea: Loading a malicious hook library can lead to local privilege escalation (CVE-2025-32801)
  * kea: Insecure handling of file paths allows multiple local attacks (CVE-2025-32802)
  * kea: Insecure file permissions can result in confidential information leakage (CVE-2025-32803)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	kea-keama-2.6.3-1.el10_0.aarch64.rpm	39f344e3b8f0e63b2d04a432ef28f7ddd70fb708ee66730c7e5560c035da5b9a
aarch64	kea-2.6.3-1.el10_0.aarch64.rpm	987339e702e313e4e3cf63c31387e1d20c84549f6747f234d379d23dfade30e0
aarch64	kea-hooks-2.6.3-1.el10_0.aarch64.rpm	9916e5072c2d3f29580789a8402e5c743a95a248a5bde0f7fb338e2657dc8540
aarch64	kea-libs-2.6.3-1.el10_0.aarch64.rpm	e353acb41dd5273989533573a0add6b3f35aea8af025a58a16b044b7200f7c18
noarch	kea-doc-2.6.3-1.el10_0.noarch.rpm	ab452a69b5f245b954d573ecd533f02e48f97330ace10abf6066632e389e1bb3
ppc64le	kea-libs-2.6.3-1.el10_0.ppc64le.rpm	12e7bc6534fa7dc9f0ed277bef9d611238674d07e97a530ad6fc21829e487d01
ppc64le	kea-2.6.3-1.el10_0.ppc64le.rpm	605697fb2e3202b64b549380a5c2a91a259cb98b4e5e175b107f1091e22bcbc1
ppc64le	kea-keama-2.6.3-1.el10_0.ppc64le.rpm	71b3d3ecb40da2a232d87f2f73ab489a94197d3c13d59d76e1946308a8790f7c
ppc64le	kea-hooks-2.6.3-1.el10_0.ppc64le.rpm	be90fe0d1679df1000ec46a6e2e7bc2c9b18ee3520d517c6f70a7abb5a629cd2
s390x	kea-2.6.3-1.el10_0.s390x.rpm	34ae85520853528e9d298eed8f81ae18975bc1b89db766b37da698f8e2267fb2
s390x	kea-hooks-2.6.3-1.el10_0.s390x.rpm	46db3a20b26e1f0bd69a7da0f893aa0c1529cfd313b910651d762509da4d633c
s390x	kea-libs-2.6.3-1.el10_0.s390x.rpm	6a5f61ae04f81f941323bd8551231c38ee21a68b00180ec1d9dead05ae5c8258
s390x	kea-keama-2.6.3-1.el10_0.s390x.rpm	a15a11c6ab8256bd18ef12948f8b4c80c2ceee7ee5d35b4180969b4d49f81caf
x86_64	kea-libs-2.6.3-1.el10_0.x86_64.rpm	280164c01bbd0e07b0a0d86c869eb5932d8d41b1f11f5c263c279ecca27c784a
x86_64	kea-2.6.3-1.el10_0.x86_64.rpm	98927bfd9f18fea3a08d6649189a7a223ba0905ed31d252f7cfa4df4cdd242a9
x86_64	kea-keama-2.6.3-1.el10_0.x86_64.rpm	9e0c460d9f84fa47ffff333f5e9ca4853b0c107e525dfe85ac4754f14412cde8
x86_64	kea-hooks-2.6.3-1.el10_0.x86_64.rpm	c154ea6175208cece3f6901b6532451448daaf86d89ae054811af97fb31270ce
x86_64_v2	kea-hooks-2.6.3-1.el10_0.x86_64_v2.rpm	88e75cedec3e34b3aaf7b6d24f16fc7fbde1f010429f0cbade628ac10bd1e817
x86_64_v2	kea-keama-2.6.3-1.el10_0.x86_64_v2.rpm	e5356d0455482c61a3f83b529a9df63b46b86eebf1db32a8e34f37d9eaef347c
x86_64_v2	kea-libs-2.6.3-1.el10_0.x86_64_v2.rpm	ea5486fff0f9949ebcb54f480b9c0d84cc2c6474e78aabe86748f600f87ebd60
x86_64_v2	kea-2.6.3-1.el10_0.x86_64_v2.rpm	ebc0cab64755d5cc3ecff197789165e4825b50242609e4be87f6a4e655c46b39

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.