CVE-2024-3661

Опубликовано: 06 мая 2024

Источник: ubuntu

Приоритет: high

EPSS Низкий

CVSS3: 7.6

Описание

DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN.

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
esm-apps/xenial	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/xenial	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	DNE
mantic	DNE
noble	DNE
oracular	DNE
plucky	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/xenial	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	DNE
mantic	DNE
noble	DNE
oracular	DNE
plucky	DNE

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes
oracular	ignored	end of life, was deferred
plucky	ignored	see notes

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/bionic	ignored	see notes
esm-apps/xenial	ignored	see notes
esm-infra/focal	DNE
focal	DNE
jammy	DNE
mantic	DNE
noble	DNE
oracular	DNE
plucky	DNE

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes
oracular	ignored	end of life, was deferred

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/jammy	ignored	see notes
esm-infra/focal	DNE
focal	DNE
jammy	ignored	see notes
mantic	DNE
noble	DNE
oracular	DNE
plucky	DNE
upstream	needs-triage

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
esm-apps/xenial	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes
oracular	ignored	end of life, was deferred

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
esm-apps/xenial	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes
oracular	ignored	end of life, was deferred

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
esm-apps/xenial	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/xenial	ignored	see notes
esm-infra/bionic	ignored	see notes
esm-infra/focal	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes
oracular	ignored	end of life, was deferred
plucky	ignored	see notes

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-infra/bionic	ignored	see notes
esm-infra/focal	ignored	see notes
esm-infra/xenial	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes
oracular	ignored	end of life, was deferred
plucky	ignored	see notes

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
esm-infra/focal	DNE
focal	DNE
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes
oracular	ignored	end of life, was deferred
plucky	ignored	see notes

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
esm-apps/xenial	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
esm-apps/xenial	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
esm-apps/xenial	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes
oracular	ignored	end of life, was deferred

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-infra-legacy/trusty	ignored	see notes
esm-infra/bionic	ignored	see notes
esm-infra/focal	ignored	see notes
esm-infra/xenial	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes
oracular	ignored	end of life, was deferred

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-infra/bionic	ignored	see notes
esm-infra/focal	ignored	see notes
esm-infra/xenial	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes
oracular	ignored	end of life, was deferred
plucky	ignored	see notes

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	ignored	see notes
esm-infra/bionic	ignored	see notes
esm-infra/focal	ignored	see notes
esm-infra/xenial	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	DNE
oracular	DNE

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes
oracular	ignored	end of life, was deferred

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/noble	ignored	see notes
esm-infra/focal	DNE
focal	DNE
jammy	DNE
mantic	ignored	end of life, was deferred
noble	ignored	see notes
oracular	ignored	end of life, was deferred
plucky	ignored	see notes
upstream	needs-triage

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
esm-infra/focal	DNE
focal	DNE
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes
oracular	ignored	end of life, was deferred
plucky	ignored	see notes

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
esm-apps/xenial	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
esm-apps/xenial	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/jammy	ignored	see notes
esm-apps/noble	ignored	see notes
esm-apps/xenial	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes

Показывать по

Релиз	Статус	Примечание
devel	ignored	see notes
esm-apps/bionic	ignored	see notes
esm-apps/focal	ignored	see notes
esm-apps/xenial	ignored	see notes
focal	ignored	end of standard support, was deferred
jammy	ignored	see notes
mantic	ignored	end of life, was deferred
noble	ignored	see notes
oracular	ignored	end of life, was deferred
plucky	ignored	see notes

Показывать по

Ссылки на источники

EPSS

Процентиль: 83%

0.02136

Низкий

7.6 High

CVSS3

Связанные уязвимости

CVE-2024-3661

CVSS3: 7.6

redhat

около 1 года назад

CVE-2024-3661

CVSS3: 7.6

nvd

около 1 года назад

RLSA-2025:0288

rocky

3 месяца назад

Moderate: Bug fix of NetworkManager

GHSA-jcv7-6v4q-4m7x

CVSS3: 8.8

github

около 1 года назад

By design, the DHCP protocol does not authenticate messages, including for example the classless static route option (121). An attacker with the ability to send DHCP messages can manipulate routes to redirect VPN traffic, allowing the attacker to read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN. Many, if not most VPN systems based on IP routing are susceptible to such attacks.

ELSA-2025-0377

oracle-oval

7 месяцев назад

ELSA-2025-0377: Security and bug fixes for NetworkManager (MODERATE)

EPSS

Процентиль: 83%

0.02136

Низкий

7.6 High

CVSS3

CVE-2024-3661

Описание

Пакет connman

Пакет gadmin-openvpn-client

Пакет gadmin-openvpn-server

Пакет golang-github-apparentlymart-go-openvpn-mgmt

Пакет kvpnc

Пакет libreswan

Пакет mozillavpn

Пакет n2n

Пакет network-manager-fortisslvpn

Пакет network-manager-iodine

Пакет network-manager-l2tp

Пакет network-manager-openconnect

Пакет network-manager-openvpn

Пакет network-manager-pptp

Пакет network-manager-sstp

Пакет network-manager-strongswan

Пакет network-manager-vpnc

Пакет openconnect

Пакет openfortivpn

Пакет openvpn

Пакет pptp-linux

Пакет pptpd

Пакет quicktun

Пакет riseup-vpn

Пакет softether-vpn

Пакет sshuttle

Пакет tinc

Пакет vpnc

Пакет wireguard

Ссылки на источники

Связанные уязвимости