4 matches found
NetworkManager security and bug fix update
1:1.22.8-5 - dhcp: fix handling IO error in nettools DHCPv4 client rh 1843357 - ifcfg-rh: handle '802-1x.,phase2-ca-path' rh 1843360, CVE-2020-10754...
CVE-2020-10754
CVE-2020-10754 affects NetworkManager via nmcli, where 802-1x.ca-path and 802-1x.phase2-ca-path are not honoured when creating a new profile. This can allow a user to connect to a network without proper authentication, resulting in an insecure connection. Public references in connected documents ...
NetworkManager Access Control Error Vulnerability
NetworkManager is a network management daemon. A security vulnerability exists in NetworkManager that stems from the fact that nmcli command line interface does not enforce the 802-1x.ca-path and 802-1x.phase2-ca-path settings. No details of the vulnerability are available at this time...
Null pointer dereference
The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service daemon crash and restart via a crafted 1 RUTHERE or 2 RUTHEREACK Dead Peer Detection DPD IPsec...