Oval Definition:oval:com.redhat.rhsa:def:20161086
Revision Date:2016-05-17Version:641
Title:RHSA-2016:1086: libndp security update (Moderate)
Description:Libndp is a library (used by NetworkManager) that provides a wrapper for the IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for sending and receiving NDP messages.

Security Fix(es):

  • It was found that libndp did not properly validate and check the origin of Neighbor Discovery Protocol (NDP) messages. An attacker on a non-local network could use this flaw to advertise a node as a router, allowing them to perform man-in-the-middle attacks on a connecting client, or disrupt the network connectivity of that client. (CVE-2016-3698)

    Red Hat would like to thank Julien Bernard (Viagénie) for reporting this issue.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2016-3698
    RHSA-2016:1086
    RHSA-2016:1086-00
    RHSA-2016:1086-01
    Platform(s):Red Hat Enterprise Linux 7
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • libndp is earlier than 0:1.2-6.el7_2
  • AND libndp is signed with Red Hat redhatrelease2 key
  • libndp-devel is earlier than 0:1.2-6.el7_2
  • AND libndp-devel is signed with Red Hat redhatrelease2 key
    • BACK