Lucene search
RedhatCVE-2024-5564HistoryMay 31, 2024 - 7:15 p.m.
CVE-2024-5564
2024-05-3119:15:08
CWE-120
redhat
web.nvd.nist.gov
47
cve-2024-5564
nvd
security vulnerability
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
6.9
Confidence
High
EPSS
0
Percentile
13.8%
A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information.
CNA Affected
[
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "libndp",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.2-10.el7_9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:rhel_els:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "libndp",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.7-7.el8_10",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "libndp",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.7-4.el8_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:rhel_aus:8.2::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "libndp",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.7-6.el8_4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:rhel_tus:8.4::baseos",
"cpe:/o:redhat:rhel_e4s:8.4::baseos",
"cpe:/o:redhat:rhel_aus:8.4::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "libndp",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.7-6.el8_4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:rhel_tus:8.4::baseos",
"cpe:/o:redhat:rhel_e4s:8.4::baseos",
"cpe:/o:redhat:rhel_aus:8.4::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "libndp",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.7-6.el8_4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:rhel_tus:8.4::baseos",
"cpe:/o:redhat:rhel_e4s:8.4::baseos",
"cpe:/o:redhat:rhel_aus:8.4::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "libndp",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.7-7.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:rhel_e4s:8.6::baseos",
"cpe:/o:redhat:rhel_aus:8.6::baseos",
"cpe:/o:redhat:rhel_tus:8.6::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "libndp",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.7-7.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:rhel_e4s:8.6::baseos",
"cpe:/o:redhat:rhel_aus:8.6::baseos",
"cpe:/o:redhat:rhel_tus:8.6::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "libndp",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.7-7.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:rhel_e4s:8.6::baseos",
"cpe:/o:redhat:rhel_aus:8.6::baseos",
"cpe:/o:redhat:rhel_tus:8.6::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "libndp",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.7-7.el8_8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:rhel_eus:8.8::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "libndp",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.8-6.el9_4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "libndp",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.8-5.el9_0",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:rhel_e4s:9.0::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "libndp",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.8-5.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:rhel_eus:9.2::baseos"
]
}
]References
access.redhat.com/errata/RHSA-2024:4618
access.redhat.com/errata/RHSA-2024:4619
access.redhat.com/errata/RHSA-2024:4620
access.redhat.com/errata/RHSA-2024:4622
access.redhat.com/errata/RHSA-2024:4636
access.redhat.com/errata/RHSA-2024:4640
access.redhat.com/errata/RHSA-2024:4641
access.redhat.com/errata/RHSA-2024:4642
access.redhat.com/errata/RHSA-2024:4643
access.redhat.com/security/cve/CVE-2024-5564
bugzilla.redhat.com/show_bug.cgi?id=2284122
Related
nessus
nessus
RHEL 7 : libndp (RHSA-2024:4622)
2024-07-18 00:00:00
Oracle Linux 8 : libndp (ELSA-2024-4620)
2024-07-25 00:00:00
SUSE SLES12 Security Update : libndp (SUSE-SU-2024:2541-1)
2024-07-22 00:00:00
cvelist
cvelist
CVE-2024-5564 Libndp: buffer overflow in route information length field
2024-05-31 18:31:47
openvas
openvas
openSUSE: Security Advisory for libndp (SUSE-SU-2024:2283-1)
2024-07-10 00:00:00
Debian: Security Advisory (DSA-5713-1)
2024-07-01 00:00:00
Huawei EulerOS: Security Advisory for libndp (EulerOS-SA-2024-2372)
2024-09-12 00:00:00
mageia
mageia
Updated libndp packages fix security vulnerabilities
2024-06-17 20:44:07
osv
osv
Important: libndp security update
2024-07-18 00:00:00
Security update for libndp
2024-07-17 06:33:39
Security update for libndp
2024-07-02 21:12:46
redhat
redhat
(RHSA-2024:4636) Important: libndp security update
2024-07-18 15:17:03
(RHSA-2024:4622) Important: libndp security update
2024-07-18 12:55:05
(RHSA-2024:4618) Important: libndp security update
2024-07-18 12:54:24
oraclelinux
oraclelinux
libndp security update
2024-07-18 00:00:00
libndp security update
2024-09-04 00:00:00
libndp security update
2024-07-18 00:00:00
ubuntu
ubuntu
libndp vulnerability
2024-06-12 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-5564 affecting package libndp for versions less than 1.8-2
2024-06-19 17:02:35
CVE-2024-5564 affecting package libndp for versions less than 1.8-2
2024-07-02 23:30:04
rocky
rocky
libndp security update
2024-07-26 12:33:54
libndp security update
2024-07-26 12:32:49
vulnrichment
vulnrichment
CVE-2024-5564 Libndp: buffer overflow in route information length field
2024-05-31 18:31:47
debiancve
debiancve
CVE-2024-5564
2024-05-31 19:15:08
nvd
nvd
CVE-2024-5564
2024-05-31 19:15:08
amazon
amazon
Important: libndp
2024-06-19 19:15:00
almalinux
almalinux
Important: libndp security update
2024-07-18 00:00:00
Important: libndp security update
2024-07-18 00:00:00
redos
redos
ROS-20240904-04
2024-09-04 00:00:00
redhatcve
redhatcve
CVE-2024-5564
2024-05-31 14:04:11
ubuntucve
ubuntucve
CVE-2024-5564
2024-05-31 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-3.0-0768
2024-06-21 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0300
2024-06-21 00:00:00
Important Photon OS Security Update - PHSA-2024-4.0-0636
2024-06-21 00:00:00
ibm
ibm
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-08-22 09:25:46
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
6.9
Confidence
High
EPSS
0
Percentile
13.8%
Related for CVE-2024-5564