CVE-2024-5564 : A vulnerability was found in libndp. This flaw allows a local malicious user to

A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information.

Published 2024-05-31 18:31:47

Updated 2024-09-16 21:15:46

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Overflow

Products affected by CVE-2024-5564

Please log in to view affected product information.

Exploit prediction scoring system (EPSS) score for CVE-2024-5564

EPSS FAQ

1.48%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 80 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2024-5564

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.4	HIGH	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H	N/A	N/A	Red Hat, Inc.	2024-05-31
Attack Vector: Local Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
7.4	HIGH	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H	1.4	5.9	Red Hat, Inc.	2024-05-31
Attack Vector: Local Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
8.1	HIGH	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H	2.2	5.9	Red Hat, Inc.	2024-06-28
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
7.4	HIGH	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H	N/A	N/A	RedHat-CVE-2024-5564	2024-05-31
Attack Vector: Local Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2024-5564

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
Assigned by:
- 53f830b8-0a3f-465b-8143-3b8a9948e749 (Primary)
- secalert@redhat.com (Primary)

References for CVE-2024-5564

https://access.redhat.com/errata/RHSA-2024:4622

RHSA-2024:4622 - Security Advisory - Red Hat Customer Portal
https://access.redhat.com/errata/RHSA-2024:4643

RHSA-2024:4643 - Security Advisory - Red Hat Customer Portal
https://access.redhat.com/errata/RHSA-2024:4620

RHSA-2024:4620 - Security Advisory - Red Hat Customer Portal
https://access.redhat.com/errata/RHSA-2024:4618

RHSA-2024:4618 - Security Advisory - Red Hat Customer Portal
https://access.redhat.com/security/cve/CVE-2024-5564

CVE-2024-5564- Red Hat Customer Portal
https://access.redhat.com/errata/RHSA-2024:4636

RHSA-2024:4636 - Security Advisory - Red Hat Customer Portal
https://lists.debian.org/debian-lts-announce/2024/06/msg00011.html

[SECURITY] [DLA 3837-1] libndp security update
https://access.redhat.com/errata/RHSA-2024:4641

RHSA-2024:4641 - Security Advisory - Red Hat Customer Portal
https://access.redhat.com/errata/RHSA-2024:4619

RHSA-2024:4619 - Security Advisory - Red Hat Customer Portal
https://bugzilla.redhat.com/show_bug.cgi?id=2284122

2284122 – (CVE-2024-5564) CVE-2024-5564 libndp: buffer overflow in route information length field
https://access.redhat.com/errata/RHSA-2024:4640

RHSA-2024:4640 - Security Advisory - Red Hat Customer Portal
https://access.redhat.com/errata/RHSA-2024:4642

RHSA-2024:4642 - Security Advisory - Red Hat Customer Portal

Jump to

Vulnerability Details : CVE-2024-5564

Products affected by CVE-2024-5564

Exploit prediction scoring system (EPSS) score for CVE-2024-5564

CVSS scores for CVE-2024-5564

CWE ids for CVE-2024-5564

References for CVE-2024-5564