Date: Wed, 18 May 2016 13:40:18 +0200 From: Cedric Buissart <cbuissar@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: CVE-2016-3698 libndp: denial of service due to insufficient validation of source of NDP messages Accidental miss-use of copy/paste : updated subject with the CVE number. On Tue, May 17, 2016 at 8:40 PM, Cedric Buissart <cbuissar@...hat.com> wrote: > Dear all, > > An improper input validation check, and improper origin check flaw during > the reception of NDP message was discovered in libndp. An attacker in a > non local network could use this flaw to advertise a node as a router, and > cause a denial of service attack, or act as a man in the middle. > > The patches enforce that hop limit must be 255, to ensure that the NDP > message > has not been routed. > > Patches can be found upsteam: > > - libndp: validate the IPv6 hop limit > > https://github.com/jpirko/libndp/commit/a4892df306e0532487f1634ba6d4c6d4bb381c7f > > - libndb: reject redirect and router advertisements from non-link-local > > https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839 > https://people.freedesktop.org/~lkundrak/.libndp/ > > Known affected packages : NetworkManager >= 1.0 > > Thanks to Julien Bernard (Viagénie) for discovering the issue > > Kind regards, > -- > Cedric Buissart > Purkynova 99 > Brno 612 45 > -- Cedric Buissart, Product Security Purkynova 99 Brno 612 45
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ