Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Ubuntu: 6830-1 Critical: libndp Denial of Service Threat

ubuntu
Calendar Grey June 12, 2024
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-6830-2 tackles the libcurl vulnerability which may lead to data leaks or unauthorized access if manipulated.
libndp could be made to crash or run programs if it received specially crafted network traffic.

Summary

libndp could be made to crash or run programs if it received specially

crafted network traffic.

Software Description:

- libndp: Library for Neighbor Discovery Protocol

Details:

It was discovered that libndp incorrectly handled certain malformed IPv6

router advertisement packets. A local attacker could use this issue to

cause NetworkManager to crash, resulting in a denial of service, or

possibly execute arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
   libndp0                         1.8-1fakesync1ubuntu0.24.04.1

Ubuntu 23.10
   libndp0                         1.8-1fakesync1ubuntu0.23.10.1

Ubuntu 22.04 LTS
   libndp0                         1.8-0ubuntu3.1

Ubuntu 20.04 LTS
   libndp0                         1.7-0ubuntu1.1

After a standard system update you need to reboot your computer to make all
the necessary changes.

References

https://ubuntu.com/security/notices/USN-6830-1

CVE-2024-5564

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6830-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here