Zero Day Monitor
CVSS 7.5
CVE-2026-3608 · EXPLOITED
ISC · Kea

Stack overflow in Kea daemons

Description

Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error. This issue affects Kea versions 2.6.0 through 2.6.4 and 3.0.0 through 3.0.2.

Affected Products

Vendor | Product | Versions
ISC | Kea | 2.6.0, 3.0.0

References

  • https://kb.isc.org/docs/cve-2026-3608 (vendor-advisory)
  • https://downloads.isc.org/isc/kea/2.6.5 (patch)
  • https://downloads.isc.org/isc/kea/3.0.3 (patch)

Related News (3 articles)

  • oss-security (Tier C, 11h ago): ISC has disclosed one vulnerability in Kea (CVE-2026-3608)
    → No new info (linked only)
  • VulDB (Tier C, 17h ago): CVE-2026-3608 | ISC Kea up to 2.6.4/3.0.2 kea-ctrl-agent/kea-dhcp-ddns/kea-dhcp4/kea-dhcp6 assertion
    → No new info (linked only)
  • CERT-FR (Tier B, 1d ago): Vulnerability in ISC Kea (25 March 2026)
    → No new info (linked only)

CVSS 3.1: 7.5 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA KEV: No
Actively exploited: Yes
CWE: CWE-617
Published: 3/25/2026
Last enriched: 11h ago (v3)
Trending Score: 68
Source articles: 3
Independent: 3
Info Completeness: 9/14
Missing: epss, kev, patch, iocs, mitre_attack

Verification

State: unverified
Confidence: 0%

Version History

v3 · Tier B · 11h ago · via CERT-FR

Updated affected versions to include 2.6.5 and 3.0.3, and marked exploit availability and active exploitation as true.

Changed fields: affectedVersions, exploitAvailable, activelyExploited

v2 · Tier C · 16h ago · via VulDB

Updated description with new details and clarified that there is no exploit available and it is not actively exploited.

Changed fields: description

v1 · 17h ago

Initial creation