Описание
A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information.
Отчет
Red Hat rates this as an Important severity, as a local attacker may gain enough information to jeopardize the environment's confidentiality, integrity and availability.
Меры по смягчению последствий
Currently there is no mitigation available for this vulnerability. Please make sure to update as the fixes become available.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | libndp | Affected | ||
| Red Hat Enterprise Linux 7 Extended Lifecycle Support | libndp | Fixed | RHSA-2024:4622 | 18.07.2024 |
| Red Hat Enterprise Linux 8 | libndp | Fixed | RHSA-2024:4620 | 18.07.2024 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | libndp | Fixed | RHSA-2024:4640 | 18.07.2024 |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | libndp | Fixed | RHSA-2024:4618 | 18.07.2024 |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | libndp | Fixed | RHSA-2024:4618 | 18.07.2024 |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | libndp | Fixed | RHSA-2024:4618 | 18.07.2024 |
| Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | libndp | Fixed | RHSA-2024:4643 | 18.07.2024 |
| Red Hat Enterprise Linux 8.6 Telecommunications Update Service | libndp | Fixed | RHSA-2024:4643 | 18.07.2024 |
| Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | libndp | Fixed | RHSA-2024:4643 | 18.07.2024 |
Показывать по
Дополнительная информация
Статус:
EPSS
8.1 High
CVSS3
Связанные уязвимости
A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information.
A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information.
A vulnerability was found in libndp. This flaw allows a local maliciou ...
EPSS
8.1 High
CVSS3