CVE-2020-13529

An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.1 MEDIUM
ADJACENT_NETWORK
HIGH
NONE
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
Affected Products (NVD)
VendorProductVersion
netappactive_iq_unified_manager
-
netappcloud_backup
-
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
systemd
bookworm
252.30-1~deb12u2
fixed
bullseye
unimportant
bullseye (security)
unimportant
sid
256.7-3
fixed
trixie
256.7-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
systemd
bionic
Fixed 237-3ubuntu10.49
released
focal
Fixed 245.4-4ubuntu3.10
released
groovy
Fixed 246.6-1ubuntu1.7
released
hirsute
Fixed 247.3-3ubuntu3.4
released
impish
Fixed 248.3-1ubuntu3
released
jammy
Fixed 248.3-1ubuntu3
released
kinetic
Fixed 248.3-1ubuntu3
released
lunar
Fixed 248.3-1ubuntu3
released
mantic
Fixed 248.3-1ubuntu3
released
noble
Fixed 248.3-1ubuntu3
released
trusty
needed
xenial
Fixed 229-4ubuntu21.31+esm1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
NetworkManager-devel
suse enterprise desktop 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise sap 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise server 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise workstation 15 SP4
1.32.12-150400.1.11
fixed
NetworkManager-lang
suse enterprise desktop 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise sap 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise server 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise workstation 15 SP4
1.32.12-150400.1.11
fixed
libnm0
suse enterprise desktop 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise desktop 15 SP5
1.38.6-150500.1.2
fixed
suse enterprise desktop 15 SP6
1.44.2-150600.1.7
fixed
suse enterprise desktop 15 SP7
1.44.2-150600.3.2.1
fixed
suse enterprise sap 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise sap 15 SP5
1.38.6-150500.1.2
fixed
suse enterprise sap 15 SP6
1.44.2-150600.1.7
fixed
suse enterprise sap 15 SP7
1.44.2-150600.3.2.1
fixed
suse enterprise server 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise server 15 SP5
1.38.6-150500.1.2
fixed
suse enterprise server 15 SP6
1.44.2-150600.1.7
fixed
suse enterprise server 15 SP7
1.44.2-150600.3.2.1
fixed
libsystemd0
suse enterprise desktop 15 SP3
246.15-7.11.1
fixed
suse enterprise desktop 15 SP4
249.11-150400.6.8
fixed
suse enterprise desktop 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise desktop 15 SP6
254.10-150600.2.3
fixed
suse enterprise desktop 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise sap 15 SP3
246.15-7.11.1
fixed
suse enterprise sap 15 SP4
249.11-150400.6.8
fixed
suse enterprise sap 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise sap 15 SP6
254.10-150600.2.3
fixed
suse enterprise sap 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise server 15 SP3
246.15-7.11.1
fixed
suse enterprise server 15 SP4
249.11-150400.6.8
fixed
suse enterprise server 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise server 15 SP6
254.10-150600.2.3
fixed
suse enterprise server 15 SP7
254.24-150600.4.28.1
fixed
libsystemd0-32bit
suse enterprise desktop 15 SP3
246.15-7.11.1
fixed
suse enterprise desktop 15 SP4
249.11-150400.6.8
fixed
suse enterprise desktop 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise desktop 15 SP6
254.10-150600.2.3
fixed
suse enterprise desktop 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise sap 15 SP3
246.15-7.11.1
fixed
suse enterprise sap 15 SP4
249.11-150400.6.8
fixed
suse enterprise sap 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise sap 15 SP6
254.10-150600.2.3
fixed
suse enterprise sap 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise server 15 SP3
246.15-7.11.1
fixed
suse enterprise server 15 SP4
249.11-150400.6.8
fixed
suse enterprise server 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise server 15 SP6
254.10-150600.2.3
fixed
suse enterprise server 15 SP7
254.24-150600.4.28.1
fixed
libudev-devel
suse enterprise desktop 15 SP3
246.15-7.11.1
fixed
suse enterprise sap 15 SP3
246.15-7.11.1
fixed
suse enterprise server 15 SP3
246.15-7.11.1
fixed
libudev1
suse enterprise desktop 15 SP3
246.15-7.11.1
fixed
suse enterprise desktop 15 SP4
249.11-150400.6.8
fixed
suse enterprise desktop 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise desktop 15 SP6
254.10-150600.2.3
fixed
suse enterprise desktop 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise sap 15 SP3
246.15-7.11.1
fixed
suse enterprise sap 15 SP4
249.11-150400.6.8
fixed
suse enterprise sap 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise sap 15 SP6
254.10-150600.2.3
fixed
suse enterprise sap 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise server 15 SP3
246.15-7.11.1
fixed
suse enterprise server 15 SP4
249.11-150400.6.8
fixed
suse enterprise server 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise server 15 SP6
254.10-150600.2.3
fixed
suse enterprise server 15 SP7
254.24-150600.4.28.1
fixed
libudev1-32bit
suse enterprise desktop 15 SP3
246.15-7.11.1
fixed
suse enterprise desktop 15 SP4
249.11-150400.6.8
fixed
suse enterprise desktop 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise desktop 15 SP6
254.10-150600.2.3
fixed
suse enterprise desktop 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise sap 15 SP3
246.15-7.11.1
fixed
suse enterprise sap 15 SP4
249.11-150400.6.8
fixed
suse enterprise sap 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise sap 15 SP6
254.10-150600.2.3
fixed
suse enterprise sap 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise server 15 SP3
246.15-7.11.1
fixed
suse enterprise server 15 SP4
249.11-150400.6.8
fixed
suse enterprise server 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise server 15 SP6
254.10-150600.2.3
fixed
suse enterprise server 15 SP7
254.24-150600.4.28.1
fixed
systemd
suse enterprise desktop 15 SP3
246.15-7.11.1
fixed
suse enterprise desktop 15 SP4
249.11-150400.6.8
fixed
suse enterprise desktop 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise desktop 15 SP6
254.10-150600.2.3
fixed
suse enterprise desktop 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise sap 15 SP3
246.15-7.11.1
fixed
suse enterprise sap 15 SP4
249.11-150400.6.8
fixed
suse enterprise sap 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise sap 15 SP6
254.10-150600.2.3
fixed
suse enterprise sap 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise server 15 SP3
246.15-7.11.1
fixed
suse enterprise server 15 SP4
249.11-150400.6.8
fixed
suse enterprise server 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise server 15 SP6
254.10-150600.2.3
fixed
suse enterprise server 15 SP7
254.24-150600.4.28.1
fixed
systemd-32bit
suse enterprise desktop 15 SP3
246.15-7.11.1
fixed
suse enterprise desktop 15 SP4
249.11-150400.6.8
fixed
suse enterprise desktop 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise desktop 15 SP6
254.10-150600.2.3
fixed
suse enterprise desktop 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise sap 15 SP3
246.15-7.11.1
fixed
suse enterprise sap 15 SP4
249.11-150400.6.8
fixed
suse enterprise sap 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise sap 15 SP6
254.10-150600.2.3
fixed
suse enterprise sap 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise server 15 SP3
246.15-7.11.1
fixed
suse enterprise server 15 SP4
249.11-150400.6.8
fixed
suse enterprise server 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise server 15 SP6
254.10-150600.2.3
fixed
suse enterprise server 15 SP7
254.24-150600.4.28.1
fixed
systemd-container
suse enterprise desktop 15 SP3
246.15-7.11.1
fixed
suse enterprise desktop 15 SP4
249.11-150400.6.8
fixed
suse enterprise desktop 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise desktop 15 SP6
254.10-150600.2.3
fixed
suse enterprise desktop 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise sap 15 SP3
246.15-7.11.1
fixed
suse enterprise sap 15 SP4
249.11-150400.6.8
fixed
suse enterprise sap 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise sap 15 SP6
254.10-150600.2.3
fixed
suse enterprise sap 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise server 15 SP3
246.15-7.11.1
fixed
suse enterprise server 15 SP4
249.11-150400.6.8
fixed
suse enterprise server 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise server 15 SP6
254.10-150600.2.3
fixed
suse enterprise server 15 SP7
254.24-150600.4.28.1
fixed
systemd-coredump
suse enterprise desktop 15 SP3
246.15-7.11.1
fixed
suse enterprise desktop 15 SP4
249.11-150400.6.8
fixed
suse enterprise desktop 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise desktop 15 SP6
254.10-150600.2.3
fixed
suse enterprise desktop 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise sap 15 SP3
246.15-7.11.1
fixed
suse enterprise sap 15 SP4
249.11-150400.6.8
fixed
suse enterprise sap 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise sap 15 SP6
254.10-150600.2.3
fixed
suse enterprise sap 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise server 15 SP3
246.15-7.11.1
fixed
suse enterprise server 15 SP4
249.11-150400.6.8
fixed
suse enterprise server 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise server 15 SP6
254.10-150600.2.3
fixed
suse enterprise server 15 SP7
254.24-150600.4.28.1
fixed
systemd-devel
suse enterprise desktop 15 SP3
246.15-7.11.1
fixed
suse enterprise desktop 15 SP4
249.11-150400.6.8
fixed
suse enterprise desktop 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise desktop 15 SP6
254.10-150600.2.3
fixed
suse enterprise desktop 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise sap 15 SP3
246.15-7.11.1
fixed
suse enterprise sap 15 SP4
249.11-150400.6.8
fixed
suse enterprise sap 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise sap 15 SP6
254.10-150600.2.3
fixed
suse enterprise sap 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise server 15 SP3
246.15-7.11.1
fixed
suse enterprise server 15 SP4
249.11-150400.6.8
fixed
suse enterprise server 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise server 15 SP6
254.10-150600.2.3
fixed
suse enterprise server 15 SP7
254.24-150600.4.28.1
fixed
systemd-doc
suse enterprise desktop 15 SP3
246.15-7.11.1
fixed
suse enterprise desktop 15 SP4
249.11-150400.6.8
fixed
suse enterprise desktop 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise desktop 15 SP6
254.10-150600.2.3
fixed
suse enterprise desktop 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise sap 15 SP3
246.15-7.11.1
fixed
suse enterprise sap 15 SP4
249.11-150400.6.8
fixed
suse enterprise sap 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise sap 15 SP6
254.10-150600.2.3
fixed
suse enterprise sap 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise server 15 SP3
246.15-7.11.1
fixed
suse enterprise server 15 SP4
249.11-150400.6.8
fixed
suse enterprise server 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise server 15 SP6
254.10-150600.2.3
fixed
suse enterprise server 15 SP7
254.24-150600.4.28.1
fixed
systemd-journal-remote
suse enterprise desktop 15 SP3
246.15-7.11.1
fixed
suse enterprise sap 15 SP3
246.15-7.11.1
fixed
suse enterprise server 15 SP3
246.15-7.11.1
fixed
systemd-lang
suse enterprise desktop 15 SP3
246.15-7.11.1
fixed
suse enterprise desktop 15 SP4
249.11-150400.6.8
fixed
suse enterprise desktop 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise desktop 15 SP6
254.10-150600.2.3
fixed
suse enterprise desktop 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise sap 15 SP3
246.15-7.11.1
fixed
suse enterprise sap 15 SP4
249.11-150400.6.8
fixed
suse enterprise sap 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise sap 15 SP6
254.10-150600.2.3
fixed
suse enterprise sap 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise server 15 SP3
246.15-7.11.1
fixed
suse enterprise server 15 SP4
249.11-150400.6.8
fixed
suse enterprise server 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise server 15 SP6
254.10-150600.2.3
fixed
suse enterprise server 15 SP7
254.24-150600.4.28.1
fixed
systemd-sysvcompat
suse enterprise desktop 15 SP6
254.10-150600.2.3
fixed
suse enterprise desktop 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise sap 15 SP6
254.10-150600.2.3
fixed
suse enterprise sap 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise server 15 SP6
254.10-150600.2.3
fixed
suse enterprise server 15 SP7
254.24-150600.4.28.1
fixed
systemd-sysvinit
suse enterprise desktop 15 SP3
246.15-7.11.1
fixed
suse enterprise desktop 15 SP4
249.11-150400.6.8
fixed
suse enterprise desktop 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise sap 15 SP3
246.15-7.11.1
fixed
suse enterprise sap 15 SP4
249.11-150400.6.8
fixed
suse enterprise sap 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise server 15 SP3
246.15-7.11.1
fixed
suse enterprise server 15 SP4
249.11-150400.6.8
fixed
suse enterprise server 15 SP5
249.16-150400.8.25.7
fixed
typelib-1_0-NM-1_0
suse enterprise desktop 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise desktop 15 SP5
1.38.6-150500.1.2
fixed
suse enterprise desktop 15 SP6
1.44.2-150600.1.7
fixed
suse enterprise desktop 15 SP7
1.44.2-150600.3.2.1
fixed
suse enterprise sap 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise sap 15 SP5
1.38.6-150500.1.2
fixed
suse enterprise sap 15 SP6
1.44.2-150600.1.7
fixed
suse enterprise sap 15 SP7
1.44.2-150600.3.2.1
fixed
suse enterprise server 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise server 15 SP5
1.38.6-150500.1.2
fixed
suse enterprise server 15 SP6
1.44.2-150600.1.7
fixed
suse enterprise server 15 SP7
1.44.2-150600.3.2.1
fixed
udev
suse enterprise desktop 15 SP3
246.15-7.11.1
fixed
suse enterprise desktop 15 SP4
249.11-150400.6.8
fixed
suse enterprise desktop 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise desktop 15 SP6
254.10-150600.2.3
fixed
suse enterprise desktop 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise sap 15 SP3
246.15-7.11.1
fixed
suse enterprise sap 15 SP4
249.11-150400.6.8
fixed
suse enterprise sap 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise sap 15 SP6
254.10-150600.2.3
fixed
suse enterprise sap 15 SP7
254.24-150600.4.28.1
fixed
suse enterprise server 15 SP3
246.15-7.11.1
fixed
suse enterprise server 15 SP4
249.11-150400.6.8
fixed
suse enterprise server 15 SP5
249.16-150400.8.25.7
fixed
suse enterprise server 15 SP6
254.10-150600.2.3
fixed
suse enterprise server 15 SP7
254.24-150600.4.28.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
NetworkManager
RHEL 8
1:1.32.10-4.el8
fixed
NetworkManager-adsl
RHEL 8
1:1.32.10-4.el8
fixed
NetworkManager-bluetooth
RHEL 8
1:1.32.10-4.el8
fixed
NetworkManager-cloud-setup
RHEL 8
1:1.32.10-4.el8
fixed
NetworkManager-config-connectivity-redhat
RHEL 8
1:1.32.10-4.el8
fixed
NetworkManager-config-server
RHEL 8
1:1.32.10-4.el8
fixed
NetworkManager-dispatcher-routing-rules
RHEL 8
1:1.32.10-4.el8
fixed
NetworkManager-libnm
RHEL 8
1:1.32.10-4.el8
fixed
NetworkManager-libnm-devel
RHEL 8
1:1.32.10-4.el8
fixed
NetworkManager-ovs
RHEL 8
1:1.32.10-4.el8
fixed
NetworkManager-ppp
RHEL 8
1:1.32.10-4.el8
fixed
NetworkManager-team
RHEL 8
1:1.32.10-4.el8
fixed
NetworkManager-tui
RHEL 8
1:1.32.10-4.el8
fixed
NetworkManager-wifi
RHEL 8
1:1.32.10-4.el8
fixed
NetworkManager-wwan
RHEL 8
1:1.32.10-4.el8
fixed
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2021/08/04/2
http://www.openwall.com/lists/oss-security/2021/08/17/3
http://www.openwall.com/lists/oss-security/2021/09/07/3
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/
https://security.gentoo.org/glsa/202107-48
https://security.netapp.com/advisory/ntap-20210625-0005/
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142
http://www.openwall.com/lists/oss-security/2021/08/04/2
http://www.openwall.com/lists/oss-security/2021/08/17/3
http://www.openwall.com/lists/oss-security/2021/09/07/3
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/
https://security.gentoo.org/glsa/202107-48
https://security.netapp.com/advisory/ntap-20210625-0005/
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142