CVE-2024-5564

{"id": "CVE-2024-5564", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2024-05-31T19:15:08.883", "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:4618", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4619", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4620", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4622", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4636", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4640", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4641", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4642", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4643", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/security/cve/CVE-2024-5564", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284122", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4618", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4619", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4620", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4622", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4636", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4640", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4641", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4642", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2024:4643", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/security/cve/CVE-2024-5564", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284122", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00011.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en libndp. Esta falla permite que un usuario malintencionado local provoque un desbordamiento del b\u00fafer en NetworkManager, provocado al enviar un paquete de publicidad de enrutador IPv6 con formato incorrecto. Este problema se produjo porque libndp no validaba correctamente la informaci\u00f3n de longitud de la ruta."}], "lastModified": "2024-11-21T09:47:56.340", "sourceIdentifier": "secalert@redhat.com"}