libndp could be made to crash or run programs if it received specially
crafted network traffic.
Software Description:
- libndp: Library for Neighbor Discovery Protocol
Details:
It was discovered that libndp incorrectly handled certain malformed IPv6
router advertisement packets. A local attacker could use this issue to
cause NetworkManager to crash, resulting in a denial of service, or
possibly execute arbitrary code.
The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS libndp0 1.8-1fakesync1ubuntu0.24.04.1 Ubuntu 23.10 libndp0 1.8-1fakesync1ubuntu0.23.10.1 Ubuntu 22.04 LTS libndp0 1.8-0ubuntu3.1 Ubuntu 20.04 LTS libndp0 1.7-0ubuntu1.1 After a standard system update you need to reboot your computer to make all the necessary changes.
https://ubuntu.com/security/notices/USN-6830-1
CVE-2024-5564
Get the latest Linux and open source security news straight to your inbox.