Date: Tue, 29 Jul 2014 22:09:23 +1000
From: Murray McAllister <>
Subject: CVE-2014-3554: libndp buffer overflow

Good morning,

The below was previously sent to the distros list. A patch is available 

libndp ( provides a library for the IPv6 Neighbor Discovery 
Protocol. Andrew Ayer discovered a buffer overflow flaw in the 
ndp_msg_opt_dnssl_domain() function when handling the DNS Search List 
(DNSSL) in IPv6 router advertisements. A malicious router or 
man-in-the-middle attacker could use this flaw to cause an application 
using libndp to crash or, potentially, execute arbitrary code. 

Please credit Andrew Ayer with the discovery.


Murray McAllister / Red Hat Product Security
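
A bounds-checked decoder for the DNSSL domain encoding (RFC 6106: length-prefixed labels ended by a zero-length label), added here to illustrate the checks this kind of parsing needs. It is not libndp's code or its patch; the function name `dnssl_decode_domain` and the sample byte arrays are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed sample payloads (not captured traffic). */
const uint8_t sample_ok[] = { 7,'e','x','a','m','p','l','e', 3,'o','r','g', 0,
                              3,'l','a','n', 0, 0, 0 };
const uint8_t sample_trunc[] = { 7,'e','x','a' }; /* label overruns payload */

/*
 * Decode one label-encoded domain starting at data[*off] into out[outsz] as
 * dotted text. Returns 0 and advances *off past the terminating zero label,
 * or -1 (out set to "") if the input is malformed or does not fit in out.
 */
int dnssl_decode_domain(const uint8_t *data, size_t len, size_t *off,
                        char *out, size_t outsz)
{
    size_t pos = *off, used = 0;

    if (outsz == 0)
        return -1;
    for (;;) {
        if (pos >= len)
            goto bad;                      /* no terminating zero label */
        size_t llen = data[pos++];
        if (llen == 0)
            break;
        if (llen > 63 || llen > len - pos)
            goto bad;                      /* bad label or source overrun */
        if (llen + (used ? 1 : 0) > outsz - 1 - used)
            goto bad;                      /* would overflow destination */
        if (used)
            out[used++] = '.';
        memcpy(out + used, data + pos, llen);
        used += llen;
        pos += llen;
    }
    out[used] = '\0';
    *off = pos;
    return 0;
bad:
    out[0] = '\0';
    return -1;
}
```

A return of 0 with an empty string means the decoder hit zero padding; a caller iterating over the option should stop there.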
