libndp security update

ID CESA-2016:1086
Type centos
Reporter CentOS Project
Modified 2016-05-17T22:20:14


CentOS Errata and Security Advisory CESA-2016:1086

Libndp is a library (used by NetworkManager) that provides a wrapper for the IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for sending and receiving NDP messages.

Security Fix(es):

  • It was found that libndp did not properly validate and check the origin of Neighbor Discovery Protocol (NDP) messages. An attacker on a non-local network could use this flaw to advertise a node as a router, allowing them to perform man-in-the-middle attacks on a connecting client, or disrupt the network connectivity of that client. (CVE-2016-3698)

Red Hat would like to thank Julien Bernard (Viagénie) for reporting this issue.

Merged security bulletin from advisories:

Affected packages: libndp libndp-devel

Upstream details at: