CVE-2021-20297

Published: 02 April 2021

A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkManager. The highest threat from this vulnerability is to system availability.

Priority

Medium

CVSS 3 base score: 5.5

Status

Package Release Status
network-manager
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 20.04 LTS (Focal Fossa) Not vulnerable
(code not present)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(code not present)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(code not present)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Patches:
Upstream: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/420784e342da4883f6debdfe10cde68507b10d27

Notes

AuthorNote
mdeslaur
introduced by:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/3ced486f4162edcd03ff42fa27535130aff0c86c

References

Bugs