Good morning,
The below was previously sent to the distros list. A patch is available
from https://bugzilla.redhat.com/attachment.cgi?id=917255
libndp (libndp.org) provides a library for the IPv6 Neighbor Discovery
Protocol. Andrew Ayer discovered a buffer overflow flaw in the
ndp_msg_opt_dnssl_domain() function when handling the DNS Search List
(DNSSL) in IPv6 router advertisements. A malicious router or
man-in-the-middle attacker could use this flaw to cause an application
using libndp to crash or, potentially, execute arbitrary code.
(CVE-2014-3554)
Please credit Andrew Ayer with the discovery.
Cheers,
https://bugzilla.redhat.com/show_bug.cgi?id=1118583
The below was previously sent to the distros list. A patch is available
from https://bugzilla.redhat.com/attachment.cgi?id=917255
libndp (libndp.org) provides a library for the IPv6 Neighbor Discovery
Protocol. Andrew Ayer discovered a buffer overflow flaw in the
ndp_msg_opt_dnssl_domain() function when handling the DNS Search List
(DNSSL) in IPv6 router advertisements. A malicious router or
man-in-the-middle attacker could use this flaw to cause an application
using libndp to crash or, potentially, execute arbitrary code.
(CVE-2014-3554)
Please credit Andrew Ayer with the discovery.
Cheers,
https://bugzilla.redhat.com/show_bug.cgi?id=1118583