CVE-2024-6501

EUVD-2024-48009
A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager would crash, leading to a denial of service.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.1 LOW
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
Debian logo
Debian Releases
Debian Product
Codename
network-manager
bookworm
1.42.4-1+deb12u1
fixed
bullseye
1.30.6-1+deb11u1
not-affected
forky
1.54.3-1
fixed
sid
1.54.3-1
fixed
trixie
1.52.1-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
network-manager
bionic
not-affected
focal
not-affected
jammy
not-affected
mantic
ignored
noble
needed
oracular
ignored
plucky
not-affected
questing
not-affected
xenial
not-affected
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
NetworkManager
RHEL 9
1:1.48.10-2.el9_5
fixed
NetworkManager-adsl
RHEL 9
1:1.48.10-2.el9_5
fixed
NetworkManager-bluetooth
RHEL 9
1:1.48.10-2.el9_5
fixed
NetworkManager-cloud-setup
RHEL 9
1:1.48.10-2.el9_5
fixed
NetworkManager-config-connectivity-redhat
RHEL 9
1:1.48.10-2.el9_5
fixed
NetworkManager-config-server
RHEL 9
1:1.48.10-2.el9_5
fixed
NetworkManager-dispatcher-routing-rules
RHEL 9
1:1.48.10-2.el9_5
fixed
NetworkManager-initscripts-updown
RHEL 9
1:1.48.10-2.el9_5
fixed
NetworkManager-libnm
RHEL 9
1:1.48.10-2.el9_5
fixed
NetworkManager-libnm-devel
RHEL 9
1:1.48.10-2.el9_5
fixed
NetworkManager-ovs
RHEL 9
1:1.48.10-2.el9_5
fixed
NetworkManager-ppp
RHEL 9
1:1.48.10-2.el9_5
fixed
NetworkManager-team
RHEL 9
1:1.48.10-2.el9_5
fixed
NetworkManager-tui
RHEL 9
1:1.48.10-2.el9_5
fixed
NetworkManager-wifi
RHEL 9
1:1.48.10-2.el9_5
fixed
NetworkManager-wwan
RHEL 9
1:1.48.10-2.el9_5
fixed
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2024:9317
https://access.redhat.com/security/cve/CVE-2024-6501
https://bugzilla.redhat.com/show_bug.cgi?id=2295734
https://access.redhat.com/security/cve/CVE-2024-6501
https://bugzilla.redhat.com/show_bug.cgi?id=2295734