CVE-2020-7216: 
Linux openSUSE vulnerability analysis and mitigation

An ni_dhcp4_parse_response memory leak vulnerability was discovered in openSUSE wicked 0.6.55 and earlier. The vulnerability was disclosed in February 2020 and affects the DHCP4 packet processing functionality of the wicked network configuration system (NVD).

The vulnerability occurs when processing DHCP4 packets that lack a message type option. When ni_dhcp4_parse_response processes such a packet, it fails to free the allocated lease memory upon encountering an error, resulting in a memory leak. The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (HIGH) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability allows network attackers to cause a denial of service condition by sending DHCP4 packets without a message type option. This can lead to resource exhaustion through memory leaks (SUSE Advisory).

The vulnerability was fixed in multiple security updates across different versions of SUSE Linux Enterprise and openSUSE. Users should update to the patched versions: wicked-0.6.60-lp151.2.6.1 for openSUSE Leap 15.1, and corresponding versions for other affected distributions (SUSE Advisory, SUSE Bug).