This issue affects the versions of systemd-networkd as shipped with Red Hat Enterprise Linux 7, however the package is available only through the rhel-7-server-optional-rpms repository and it cannot be exploited unless the interface is explicitly configured to use DHCP.
This issue affects the versions of NetworkManager as shipped with Red Hat Enterprise Linux 7 because the package includes some parts of the systemd-networkd code, which present the same vulnerability. NetworkManager is vulnerable to this flaw only when configured to use the internal DHCP, which is not the default. However, when it is, the flaw may be triggered by a connection where either ipv6.method is set to dhcp or it is set to auto, which is the default value.
CVSS v3 metrics
|CVSS3 Base Score||8.8|
|CVSS3 Base Metrics||CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H|
|Attack Vector||Adjacent Network|
Red Hat Security Errata
|Red Hat Enterprise Linux 7 (systemd)||RHSA-2019:0049||2019-01-14|
|Red Hat Enterprise Linux 7 (NetworkManager)||RHSA-2018:3665||2018-11-27|
Affected Packages State
|Red Hat Virtualization 4||rhvm-appliance||Not affected|
|Red Hat Virtualization 4||redhat-virtualization-host||Not affected|
|Red Hat Enterprise Linux 6||NetworkManager||Not affected|
|Red Hat Enterprise Linux 5||NetworkManager||Not affected|