Local vulnerabilities in Kea DHCP
The SUSE Security Team has published a detailed report about security vulnerabilities it discovered in the Kea DHCP server suite from the Internet Systems Consortium (ISC).
Since SUSE is also going to ship Kea DHCP in its products, we performed a routine review of its code base. Even before checking the network security of Kea, we stumbled over a range of local security issues, among them a local root exploit which is possible in many default installations of Kea on Linux and BSD distributions. [...]
This report is based on Kea release 2.6.1. Any source code references in this report relate to this version. Many systems still ship older releases of Kea, but we believe they are all affected as well by the issues described in this report.
The report details seven security issues including local-privilege-escalation and arbitrary file overwrite vulnerabilities. Security fixes for the vulnerabilities have been published in all of the currently supported release series of Kea: 2.4.2, 2.6.3, and the 2.7.9 development release were all released on May 28. Kea has assigned CVE-2025-32801, CVE-2025-32802, and CVE-2025-32803 to the vulnerabilities. Note that some of the CVEs cover multiple security flaws.