libndp security update

2016-05-17T22:20:14
ID CESA-2016:1086
Type centos
Reporter CentOS Project
Modified 2016-05-17T22:20:14

Description

CentOS Errata and Security Advisory CESA-2016:1086

Libndp is a library (used by NetworkManager) that provides a wrapper for the IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for sending and receiving NDP messages.

Security Fix(es):

  • It was found that libndp did not properly validate and check the origin of Neighbor Discovery Protocol (NDP) messages. An attacker on a non-local network could use this flaw to advertise a node as a router, allowing them to perform man-in-the-middle attacks on a connecting client, or disrupt the network connectivity of that client. (CVE-2016-3698)

Red Hat would like to thank Julien Bernard (Viagénie) for reporting this issue.

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2016-May/033931.html

Affected packages: libndp libndp-devel

Upstream details at: https://rhn.redhat.com/errata/RHSA-2016-1086.html