irsl / gcp-dhcp-takeover-code-exec

Google Compute Engine (GCE) VM takeover via DHCP flood - gain root access by getting SSH keys added by google_guest_agent

How about responsible disclosure to ALL parties involved? #2

Open marka63 opened 3 years ago

irsl commented 3 years ago

I was considering contacting ISC, and even though their implementation could rely on additional entropy sources, I still think this is not a vulnerability in dhclient, but rather in the special setup of GCP.

tomaszmrugalski commented 3 years ago

There's dhcp#197 submitted for this on ISC systems. It's unfortunate we weren't notified about this earlier.