Alibaba Cloud Linux 2.1903 Security Advisory: ALINUX2-SA-2024:0019
Issued: 2024-08-02
Updated: 2024-08-02
Summary
libndp security update
Severity
Important
Description
Package updates are available for Alibaba Cloud Linux 2.1903 that fix the following vulnerabilities:
CVE-2024-5564:
A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information.
References
Updated Packages
- aarch64
- libndp-1.2-10.1.al7.aarch64.rpm → (download)
- libndp-debuginfo-1.2-10.1.al7.aarch64.rpm → (download)
- libndp-devel-1.2-10.1.al7.aarch64.rpm → (download)
- i686
- libndp-1.2-10.1.al7.i686.rpm → (download)
- libndp-debuginfo-1.2-10.1.al7.i686.rpm → (download)
- libndp-devel-1.2-10.1.al7.i686.rpm → (download)
- src
- libndp-1.2-10.1.al7.src.rpm → (download)
- x86_64
- libndp-1.2-10.1.al7.x86_64.rpm → (download)
- libndp-debuginfo-1.2-10.1.al7.x86_64.rpm → (download)
- libndp-devel-1.2-10.1.al7.x86_64.rpm → (download)