Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Untriaged

Permalink CVE-2024-6501

3.1 LOW

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): LOW

created 6 months, 1 week ago

Networkmanager: denial of service

A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager would crash, leading to a denial of service.

References

https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry
RHBZ#2295734 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry
RHBZ#2295734 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry
RHBZ#2295734 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2295734 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry
RHBZ#2295734 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2295734 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry
RHBZ#2295734 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2295734 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2295734 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry
RHBZ#2295734 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry
RHBZ#2295734 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2295734 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry
RHBZ#2295734 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2295734 issue-tracking x_refsource_REDHAT x_transferred
RHSA-2024:9317 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry
RHBZ#2295734 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2295734 issue-tracking x_refsource_REDHAT x_transferred
RHSA-2024:9317 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry
RHBZ#2295734 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2295734 issue-tracking x_refsource_REDHAT x_transferred
RHSA-2024:9317 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry
RHBZ#2295734 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2295734 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry
RHBZ#2295734 issue-tracking x_refsource_REDHAT
RHSA-2024:9317 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2295734 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry
RHBZ#2295734 issue-tracking x_refsource_REDHAT
RHSA-2024:9317 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2295734 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry
RHBZ#2295734 issue-tracking x_refsource_REDHAT
RHSA-2024:9317 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2295734 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry
RHBZ#2295734 issue-tracking x_refsource_REDHAT
RHSA-2024:9317 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2024-6501 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2295734 issue-tracking x_refsource_REDHAT x_transferred

Affected products

NetworkManager

<1.48.10-2
*

Matching in nixpkgs

pkgs.networkmanager-l2tp

L2TP plugin for NetworkManager

nixos-unstable -
- nixpkgs-unstable l2tp-gnome-1.20.20

pkgs.networkmanager-sstp

NetworkManager's sstp plugin

nixos-unstable -
- nixpkgs-unstable 1.3.2

pkgs.networkmanager-vpnc

NetworkManager's VPNC plugin

nixos-unstable -
- nixpkgs-unstable 1.4.0

pkgs.networkmanager-iodine

NetworkManager's iodine plugin

nixos-unstable -
- nixpkgs-unstable 1.2.0-unstable-2025-09-06

pkgs.networkmanager-openvpn

NetworkManager's OpenVPN plugin

nixos-unstable -
- nixpkgs-unstable 1.12.3

pkgs.networkmanager_strongswan

NetworkManager's strongswan plugin

nixos-unstable -
- nixpkgs-unstable 1.6.2

pkgs.networkmanager-fortisslvpn

NetworkManager’s FortiSSL plugin

nixos-unstable -
- nixpkgs-unstable 1.4.0

pkgs.networkmanager-openconnect

NetworkManager’s OpenConnect plugin

nixos-unstable -
- nixpkgs-unstable 1.2.10

Package maintainers

@jtojnar Jan Tojnar <jtojnar@gmail.com>
@obadz obadz <obadz-nixos@obadz.com>