CVE-2024-6501

Published: Jul 9, 2024Modified: Nov 21, 2024

3.1

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

Exploitability: 1.6 / Impact: 1.4

Source: secalert@redhat.com (Secondary)

Description

A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager would crash, leading to a denial of service.

Related CWEs

CWE-400

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (5)

https://access.redhat.com/errata/RHSA-2024:9317

Source: secalert@redhat.com

https://access.redhat.com/security/cve/CVE-2024-6501

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2295734

Source: secalert@redhat.com

https://access.redhat.com/security/cve/CVE-2024-6501

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=2295734

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.