(RHSA-2024:4640) Important: libndp security update

2024-07-1815:17:37

access.redhat.com

libndp

security update

buffer overflow

ipv6

neighbor discovery protocol

fix

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.4

Confidence

High

JSON

Libndp is a library (used by NetworkManager) that provides a wrapper for the IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for sending and receiving NDP messages.

Security Fix(es):

libndp: buffer overflow in route information length field (CVE-2024-5564)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8x86_64libndp-debugsource< 1.7-4.el8_2libndp-debugsource-1.7-4.el8_2.x86_64.rpm
RedHat8x86_64libndp-debuginfo< 1.7-4.el8_2libndp-debuginfo-1.7-4.el8_2.x86_64.rpm
RedHat8i686libndp< 1.7-4.el8_2libndp-1.7-4.el8_2.i686.rpm
RedHat8x86_64libndp< 1.7-4.el8_2libndp-1.7-4.el8_2.x86_64.rpm
RedHat8i686libndp-debuginfo< 1.7-4.el8_2libndp-debuginfo-1.7-4.el8_2.i686.rpm
RedHat8i686libndp-debugsource< 1.7-4.el8_2libndp-debugsource-1.7-4.el8_2.i686.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	x86_64	libndp-debugsource	< 1.7-4.el8_2	libndp-debugsource-1.7-4.el8_2.x86_64.rpm
RedHat	8	x86_64	libndp-debuginfo	< 1.7-4.el8_2	libndp-debuginfo-1.7-4.el8_2.x86_64.rpm
RedHat	8	i686	libndp	< 1.7-4.el8_2	libndp-1.7-4.el8_2.i686.rpm
RedHat	8	x86_64	libndp	< 1.7-4.el8_2	libndp-1.7-4.el8_2.x86_64.rpm
RedHat	8	i686	libndp-debuginfo	< 1.7-4.el8_2	libndp-debuginfo-1.7-4.el8_2.i686.rpm
RedHat	8	i686	libndp-debugsource	< 1.7-4.el8_2	libndp-debugsource-1.7-4.el8_2.i686.rpm