[Debian] Medium CVE: CVE-2024-5564 libndp: a buffer overflow in NetworkManager
Bug #2069552 reported by
Yue Tao
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
High
|
Peng Zhang |
Bug Description
CVE-2024-5564: https:/
A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information.
Base Score: Medium
Reference:
['libndp0_
https:/
CVE References
Changed in starlingx: | |
assignee: | nobody → Peng Zhang (pzhang2) |
To post a comment you must log in.
Fix proposed to branch: master /review. opendev. org/c/starlingx /tools/ +/924054
Review: https:/