CVE-2024-5564

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published May 31, 2024

Updated: Jul 19, 2024

CWE ID 120

Summary

CVE-2024-5564 is a newly discovered vulnerability affecting the libndp library. A malicious local user can exploit this issue by sending a malformed IPv6 router advertisement packet, leading to a buffer overflow in NetworkManager. The cause of this vulnerability is that libndp fails to properly validate route length information. Successful exploitation may result in arbitrary code execution or a denial-of-service condition. This flaw poses a significant risk and requires immediate attention from system administrators and software vendors.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wNWCDa
https://www.cve.org/CVERecord?id=CVE-2024-5564
https://nvd.nist.gov/vuln/detail/CVE-2024-5564

Back to Vulnerability Database

CVE-2024-5564

CVSS 3.1 Score 8.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations