Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 18 May 2016 13:40:18 +0200
From: Cedric Buissart <cbuissar@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE-2016-3698 libndp: denial of service due to
 insufficient validation of source of NDP messages

Accidental miss-use of copy/paste : updated subject with the CVE number.

On Tue, May 17, 2016 at 8:40 PM, Cedric Buissart <cbuissar@...hat.com>
wrote:

> Dear all,
>
> An improper input validation check, and improper origin check flaw during
> the reception of NDP message was discovered in libndp. An attacker in a
> non local network could use this flaw to advertise a node as a router, and
> cause a denial of service attack, or act as a man in the middle.
>
> The patches enforce that hop limit must be 255, to ensure that the NDP
> message
> has not been routed.
>
> Patches can be found upsteam:
>
>  -  libndp: validate the IPv6 hop limit
>
> https://github.com/jpirko/libndp/commit/a4892df306e0532487f1634ba6d4c6d4bb381c7f
>
>  -  libndb: reject redirect and router advertisements from non-link-local
>
> https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839
>   https://people.freedesktop.org/~lkundrak/.libndp/
>
> Known affected packages : NetworkManager >= 1.0
>
> Thanks to Julien Bernard (Viagénie) for discovering the issue
>
> Kind regards,
> --
> Cedric Buissart
> Purkynova 99
> Brno 612 45
>



-- 
Cedric Buissart,
Product Security

Purkynova 99
Brno 612 45

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ