Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 12 articles for you...
100

SUSE: 2025:20088-1 important: libndp buffer overflow fix

* bsc#1225771 Cross-References: * CVE-2024-5564 . # Security update for libndp Announcement ID: SUSE-SU-2025:20088-1 Release Date: 2025-02-03T09:09:40Z Rating: important References: * bsc#1225771 Cross-References: * CVE-2024-5564 CVSS scores: * CVE-2024-5564 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-5564 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for libndp fixes the following issues: * CVE-2024-5564: Fixed buffer overflow in route information length field (bsc#1225771). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-107=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libndp0-debuginfo-1.8-3.1 * libndp0-1.8-3.1 * libndp-debugsource-1.8-3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-5564.html * https://bugzilla.suse.com/show_bug.cgi?id=1225771 . Important SUSE patch for libndp fixes buffer overflow vulnerability in SUSE Linux Micro. Make sure your system is protected.. SUSE Linux, libndp, security patch, buffer overflow, Linux updates. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 04, 2025 Important SuSE
100

SUSE Micro 6.0: 2025:20088-1 important: libndp buffer overflow

* bsc#1225771 Cross-References: * CVE-2024-5564 . # Security update for libndp Announcement ID: SUSE-SU-2025:20088-1 Release Date: 2025-02-03T09:09:40Z Rating: important References: * bsc#1225771 Cross-References: * CVE-2024-5564 CVSS scores: * CVE-2024-5564 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-5564 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for libndp fixes the following issues: * CVE-2024-5564: Fixed buffer overflow in route information length field (bsc#1225771). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-107=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libndp0-debuginfo-1.8-3.1 * libndp-debugsource-1.8-3.1 * libndp0-1.8-3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-5564.html * https://bugzilla.suse.com/show_bug.cgi?id=1225771 . Critical security patch released for SUSE Linux Micro addressing buffer overflow vulnerability in libndp related to CVE-2024-5564. Update immediately!. SUSE Linux Micro, libndp update, CVE-2024-5564, buffer overflow fix, important security update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 04, 2025 Important SuSE
172

Ubuntu 18.04 & 16.04: USN-7248-1 critical: libndp denial of service

libndp could be made to crash or run programs if it received specially crafted network traffic.. ========================================================================== Ubuntu Security Notice USN-7248-1 February 03, 2025 libndp vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: libndp could be made to crash or run programs if it received specially crafted network traffic. Software Description: - libndp: Library for Neighbor Discovery Protocol Details: It was discovered that libndp incorrectly handled certain malformed IPv6 router advertisement packets. A local attacker could possibly use this issue to cause NetworkManager to crash, resulting in a denial of service, or the execution of arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS libndp0 1.6-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS libndp0 1.4-2ubuntu0.16.04.1+esm1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7248-1 CVE-2024-5564 . A security advisory for Ubuntu addresses the libndp vulnerability, which risks system crashes or unauthorized execution due to malformed network packets. libndp, Ubuntu security, NetworkManager, denial of service, security updates. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Feb 04, 2025 Critical Ubuntu
217

Oracle Linux 7 ELSA-2024-4622 Important: libndp Security Update

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-4622 http://linux.oracle.com/errata/ELSA-2024-4622.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: libndp-1.2-10.0.1.el7_9.aarch64.rpm libndp-devel-1.2-10.0.1.el7_9.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//libndp-1.2-10.0.1.el7_9.src.rpm Related CVEs: CVE-2024-5564 Description of changes: [1.2-10.0.1] - Increasing release number as per Oracle package release policy _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . The Oracle Linux Security Notification ELSA-2024-4622 details essential updates for the libndp library for aarch64 architecture, addressing potential vulnerabilities. Oracle Linux Update, libndp Security, Aarch64 Security Fix, Important Security Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Sep 05, 2024 Important Oracle
217

Oracle7 ELSA-2024-4622: Important libndp Security Update

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-4622 http://linux.oracle.com/errata/ELSA-2024-4622.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: libndp-1.2-10.0.1.el7_9.i686.rpm libndp-1.2-10.0.1.el7_9.x86_64.rpm libndp-devel-1.2-10.0.1.el7_9.i686.rpm libndp-devel-1.2-10.0.1.el7_9.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//libndp-1.2-10.0.1.el7_9.src.rpm Related CVEs: CVE-2024-5564 Description of changes: [1.2-10.0.1] - Increasing release number as per Oracle package release policy _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Security Announcement ELSA-2024-4622 pertains to updates and vulnerabilities remediation for libndp in Oracle Linux 7.. Oracle Linux Updates, libndp Security Advisory, Linux RPM Security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Sep 05, 2024 Important Oracle
219

Rocky Linux 9 RLSA-2024:4636 Important Libndp Buffer Overflow Fix

Important: libndp security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2024:4636", "synopsis": "Important: libndp security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for libndp.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Libndp is a library (used by NetworkManager) that provides a wrapper for the IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for sending and receiving NDP messages.\n\nSecurity Fix(es):\n\n* libndp: buffer overflow in route information length field (CVE-2024-5564)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2284122", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2284122", "description": ""}], "cves": [{"name": "CVE-2024-5564", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-5564", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}], "references": [], "publishedAt": "2024-07-26T12:33:54.254327Z", "rpms": {"Rocky Linux 9": {"nvras": ["libndp-0:1.8-6.el9_4.i686.rpm", "libndp-0:1.8-6.el9_4.aarch64.rpm", "libndp-0:1.8-6.el9_4.ppc64le.rpm", "libndp-0:1.8-6.el9_4.s390x.rpm", "libndp-0:1.8-6.el9_4.src.rpm", "libndp-0:1.8-6.el9_4.x86_64.rpm", "libndp-debuginfo-0:1.8-6.el9_4.aarch64.rpm", "libndp-debuginfo-0:1.8-6.el9_4.ppc64le.rpm", "libndp-debuginfo-0:1.8-6.el9_4.s390x.rpm", "libndp-debuginfo-0:1.8-6.el9_4.x86_64.rpm", "libndp-debugsource-0:1.8-6.el9_4.aarch64.rpm", "libndp-debugsource-0:1.8-6.el9_4.ppc64le.rpm", "libndp-debugsource-0:1.8-6.el9_4.s390x.rpm", "libndp-debugsource-0:1.8-6.el9_4.x86_64.rpm"]}}, "rebootSuggested": false,"buildReferences": []}. Important libndp security patch available for Rocky Linux addressing buffer overflow flaws. Secure your environment immediately!. libndp security update, Rocky Linux advisory, buffer overflow fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 26, 2024 Important Rocky Linux
219

Rocky Linux 8 RLSA-2024:4620 Importance: Libndp Buffer Overflow

Important: libndp security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2024:4620", "synopsis": "Important: libndp security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for libndp.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Libndp is a library (used by NetworkManager) that provides a wrapper for the IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for sending and receiving NDP messages.\n\nSecurity Fix(es):\n\n* libndp: buffer overflow in route information length field (CVE-2024-5564)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2284122", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2284122", "description": ""}], "cves": [{"name": "CVE-2024-5564", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-5564", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.1", "cwe": "CWE-120"}], "references": [], "publishedAt": "2024-07-26T12:32:49.384788Z", "rpms": {"Rocky Linux 8": {"nvras": ["libndp-0:1.7-7.el8_10.aarch64.rpm", "libndp-0:1.7-7.el8_10.i686.rpm", "libndp-0:1.7-7.el8_10.src.rpm", "libndp-0:1.7-7.el8_10.x86_64.rpm", "libndp-debuginfo-0:1.7-7.el8_10.aarch64.rpm", "libndp-debuginfo-0:1.7-7.el8_10.i686.rpm", "libndp-debuginfo-0:1.7-7.el8_10.x86_64.rpm", "libndp-debugsource-0:1.7-7.el8_10.aarch64.rpm", "libndp-debugsource-0:1.7-7.el8_10.i686.rpm", "libndp-debugsource-0:1.7-7.el8_10.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A critical libndp security patch for Rocky Linux has been released to fix a buffer overflow vulnerability. Getdetails on the update.. libndp Update, Rocky Linux Security, Ubuntu Security Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 26, 2024 Important Rocky Linux
217

Oracle Linux 9 ELSA-2024-4636 Important: Libndp Security Advisory

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-4636 http://linux.oracle.com/errata/ELSA-2024-4636.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libndp-1.8-6.el9_4.i686.rpm libndp-1.8-6.el9_4.x86_64.rpm aarch64: libndp-1.8-6.el9_4.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//libndp-1.8-6.el9_4.src.rpm Related CVEs: CVE-2024-5564 Description of changes: [1.8-6] - Validate route information option length [1.8-5] - Convert the license tag to SPDX format Related: RHELMISC-1363 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 9 has released new RPMs, featuring critical security patches for libndp. Refer to ELSA-2024-4636 for more information.. Oracle Linux Security, Libndp Updates, Security Advisory, Linux Updates. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 19, 2024 Important Oracle
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200