Products
NetworkManager
Source
secalert@redhat.com
Tags
CVE-2024-5564 details
Published : May 31, 2024, 7:15 p.m.
Last Modified : May 31, 2024, 7:15 p.m.
Last Modified : May 31, 2024, 7:15 p.m.
Description
A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7.4 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
CVSS Data
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
7.4
Exploitability Score
Impact Score
Base Severity
HIGH
Vector String : CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
References
URL | Source |
---|---|
https://access.redhat.com/security/cve/CVE-2024-5564 | secalert@redhat.com |
https://bugzilla.redhat.com/show_bug.cgi?id=2284122 | secalert@redhat.com |
This website uses the NVD API, but is not approved or certified by it.