Red Hat Product Errata RHSA-2024:4642 - Security Advisory
Issued:
2024-07-18
Updated:
2024-07-19

RHSA-2024:4642 - Security Advisory

Synopsis

Important: libndp security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libndp is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Libndp is a library (used by NetworkManager) that provides a wrapper for the IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for sending and receiving NDP messages.

Security Fix(es):

  • libndp: buffer overflow in route information length field (CVE-2024-5564)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x

Fixes

  • BZ - 2284122 - CVE-2024-5564 libndp: buffer overflow in route information length field

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2

SRPM
libndp-1.8-5.el9_2.src.rpm SHA-256: 7ed31f9b3dff098dfb24a6819a6b23ccc96c803581f5fe5793b7c36de3863d3b
x86_64
libndp-1.8-5.el9_2.i686.rpm SHA-256: 2fc803f703900f75e05996fcc96df85477c6a9fef0ca3d5b2f0dacb4afcadd9c
libndp-1.8-5.el9_2.x86_64.rpm SHA-256: 2419deaf15eb286bad069cab8330d320aa42a45bd1728e596e733f50b1171408
libndp-debuginfo-1.8-5.el9_2.i686.rpm SHA-256: 739e98c5ff19489d665b9028834a6481e37d703cdf374bbb0a6622e6a40ad09b
libndp-debuginfo-1.8-5.el9_2.x86_64.rpm SHA-256: 481fd5cb495e4bd8de0d9488ba3831c910eebd627f5fb1c757885a877186a865
libndp-debugsource-1.8-5.el9_2.i686.rpm SHA-256: 0509ddb0bda23118c2f43591965920fc28e0ef0a2c04122806d147fe06326f9f
libndp-debugsource-1.8-5.el9_2.x86_64.rpm SHA-256: 13140952af2914720ace86723fb71b43be3350e4265471f86060f0a066b0f9ad

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
libndp-1.8-5.el9_2.src.rpm SHA-256: 7ed31f9b3dff098dfb24a6819a6b23ccc96c803581f5fe5793b7c36de3863d3b
x86_64
libndp-1.8-5.el9_2.i686.rpm SHA-256: 2fc803f703900f75e05996fcc96df85477c6a9fef0ca3d5b2f0dacb4afcadd9c
libndp-1.8-5.el9_2.x86_64.rpm SHA-256: 2419deaf15eb286bad069cab8330d320aa42a45bd1728e596e733f50b1171408
libndp-debuginfo-1.8-5.el9_2.i686.rpm SHA-256: 739e98c5ff19489d665b9028834a6481e37d703cdf374bbb0a6622e6a40ad09b
libndp-debuginfo-1.8-5.el9_2.x86_64.rpm SHA-256: 481fd5cb495e4bd8de0d9488ba3831c910eebd627f5fb1c757885a877186a865
libndp-debugsource-1.8-5.el9_2.i686.rpm SHA-256: 0509ddb0bda23118c2f43591965920fc28e0ef0a2c04122806d147fe06326f9f
libndp-debugsource-1.8-5.el9_2.x86_64.rpm SHA-256: 13140952af2914720ace86723fb71b43be3350e4265471f86060f0a066b0f9ad

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2

SRPM
libndp-1.8-5.el9_2.src.rpm SHA-256: 7ed31f9b3dff098dfb24a6819a6b23ccc96c803581f5fe5793b7c36de3863d3b
s390x
libndp-1.8-5.el9_2.s390x.rpm SHA-256: f14698b93d10392f6c5dc0b0298d0336201e2785250085946925ff9d41621e3c
libndp-debuginfo-1.8-5.el9_2.s390x.rpm SHA-256: 21898e0ffb80f223e141b742a2c4d2e7a12627db2d12f20e55e04b95cac38ef4
libndp-debugsource-1.8-5.el9_2.s390x.rpm SHA-256: f8b85a789c0045bebbb38d54417e306ef93441d5ec44bd2423984712c0587efe

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2

SRPM
libndp-1.8-5.el9_2.src.rpm SHA-256: 7ed31f9b3dff098dfb24a6819a6b23ccc96c803581f5fe5793b7c36de3863d3b
ppc64le
libndp-1.8-5.el9_2.ppc64le.rpm SHA-256: ffe695f32ddd6fa7f77e1f93299c2cfd3e50ade498eefcd4a4bb5675dd5a9ed4
libndp-debuginfo-1.8-5.el9_2.ppc64le.rpm SHA-256: 6068f7164a45f6358652301507441d2bcd09d29a7e2ab3137eb776c6958984e2
libndp-debugsource-1.8-5.el9_2.ppc64le.rpm SHA-256: 9983e7f0fd8a1b08488a8ef1a808b6640f103db2eb3deb46ac2e1171cacdd24c

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2

SRPM
libndp-1.8-5.el9_2.src.rpm SHA-256: 7ed31f9b3dff098dfb24a6819a6b23ccc96c803581f5fe5793b7c36de3863d3b
aarch64
libndp-1.8-5.el9_2.aarch64.rpm SHA-256: f6f39be6eb1e65e1af06abccb1d8f317598307664d3a3169814daf3a2aac5e56
libndp-debuginfo-1.8-5.el9_2.aarch64.rpm SHA-256: 2274e3891bb688d663ba6e3141f0aba7fded5a4233c3c8e911be619a16531833
libndp-debugsource-1.8-5.el9_2.aarch64.rpm SHA-256: 1bd6e172fd81b2b7abc6b00aa6ad4c22bd0aa351e115087c4c8b3043c6ba3d07

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
libndp-1.8-5.el9_2.src.rpm SHA-256: 7ed31f9b3dff098dfb24a6819a6b23ccc96c803581f5fe5793b7c36de3863d3b
ppc64le
libndp-1.8-5.el9_2.ppc64le.rpm SHA-256: ffe695f32ddd6fa7f77e1f93299c2cfd3e50ade498eefcd4a4bb5675dd5a9ed4
libndp-debuginfo-1.8-5.el9_2.ppc64le.rpm SHA-256: 6068f7164a45f6358652301507441d2bcd09d29a7e2ab3137eb776c6958984e2
libndp-debugsource-1.8-5.el9_2.ppc64le.rpm SHA-256: 9983e7f0fd8a1b08488a8ef1a808b6640f103db2eb3deb46ac2e1171cacdd24c

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
libndp-1.8-5.el9_2.src.rpm SHA-256: 7ed31f9b3dff098dfb24a6819a6b23ccc96c803581f5fe5793b7c36de3863d3b
x86_64
libndp-1.8-5.el9_2.i686.rpm SHA-256: 2fc803f703900f75e05996fcc96df85477c6a9fef0ca3d5b2f0dacb4afcadd9c
libndp-1.8-5.el9_2.x86_64.rpm SHA-256: 2419deaf15eb286bad069cab8330d320aa42a45bd1728e596e733f50b1171408
libndp-debuginfo-1.8-5.el9_2.i686.rpm SHA-256: 739e98c5ff19489d665b9028834a6481e37d703cdf374bbb0a6622e6a40ad09b
libndp-debuginfo-1.8-5.el9_2.x86_64.rpm SHA-256: 481fd5cb495e4bd8de0d9488ba3831c910eebd627f5fb1c757885a877186a865
libndp-debugsource-1.8-5.el9_2.i686.rpm SHA-256: 0509ddb0bda23118c2f43591965920fc28e0ef0a2c04122806d147fe06326f9f
libndp-debugsource-1.8-5.el9_2.x86_64.rpm SHA-256: 13140952af2914720ace86723fb71b43be3350e4265471f86060f0a066b0f9ad

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2

SRPM
libndp-1.8-5.el9_2.src.rpm SHA-256: 7ed31f9b3dff098dfb24a6819a6b23ccc96c803581f5fe5793b7c36de3863d3b
aarch64
libndp-1.8-5.el9_2.aarch64.rpm SHA-256: f6f39be6eb1e65e1af06abccb1d8f317598307664d3a3169814daf3a2aac5e56
libndp-debuginfo-1.8-5.el9_2.aarch64.rpm SHA-256: 2274e3891bb688d663ba6e3141f0aba7fded5a4233c3c8e911be619a16531833
libndp-debugsource-1.8-5.el9_2.aarch64.rpm SHA-256: 1bd6e172fd81b2b7abc6b00aa6ad4c22bd0aa351e115087c4c8b3043c6ba3d07

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2

SRPM
libndp-1.8-5.el9_2.src.rpm SHA-256: 7ed31f9b3dff098dfb24a6819a6b23ccc96c803581f5fe5793b7c36de3863d3b
s390x
libndp-1.8-5.el9_2.s390x.rpm SHA-256: f14698b93d10392f6c5dc0b0298d0336201e2785250085946925ff9d41621e3c
libndp-debuginfo-1.8-5.el9_2.s390x.rpm SHA-256: 21898e0ffb80f223e141b742a2c4d2e7a12627db2d12f20e55e04b95cac38ef4
libndp-debugsource-1.8-5.el9_2.s390x.rpm SHA-256: f8b85a789c0045bebbb38d54417e306ef93441d5ec44bd2423984712c0587efe

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.