CVE-2024-5564
Published: 31 May 2024
A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information.
Priority
Status
Package | Release | Status |
---|---|---|
libndp Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
focal |
Released
(1.7-0ubuntu1.1)
|
|
jammy |
Released
(1.8-0ubuntu3.1)
|
|
mantic |
Released
(1.8-1fakesync1ubuntu0.23.10.1)
|
|
noble |
Released
(1.8-1fakesync1ubuntu0.24.04.1)
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
|
Patches: upstream: https://github.com/jpirko/libndp/commit/05e4ba7b0d126eea4c04387dcf40596059ee24af |