| Summary: | libndp new security issue CVE-2024-5564 | | |
|---|---|---|---|
| Product: | Mageia | Reporter: | Nicolas Salguero <nicolas.salguero> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | | |
| Priority: | Normal | CC: | andrewsfarm, geiger.david68210, herman.viaene, sysadmin-bugs |
| Version: | 9 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | MGA9-64-OK | | |
| Source RPM: | libndp-1.8-2.mga9.src.rpm | CVE: | CVE-2024-5564 |
| Status comment: | Patch available from Ubuntu and upstream | | |

Description
Nicolas Salguero
2024-06-13 16:39:20 CEST
Nicolas Salguero
2024-06-13 16:39:52 CEST
CVE: (none) => CVE-2024-5564

Done for both mga9 and Cauldron!

Assigning to QA,

Packages in 9/Core/Updates_testing:
======================
libndp-devel-1.8-2.1.mga9
libndp0-1.8-2.1.mga9
lib64ndp-devel-1.8-2.1.mga9
lib64ndp0-1.8-2.1.mga9
ndptool-1.8-2.1.mga9

From SRPMS:
libndp-1.8-2.1.mga9.src.rpm

CC: (none) => geiger.david68210

katnatek
2024-06-14 19:50:59 CEST
Keywords: (none) => advisory

LC_ALL=C urpmi ndptool redis
To satisfy dependencies, the following packages are going to be installed:
Package Version Release Arch
(medium "Core Release (distrib1)")
lib64ndp0 1.8 2.mga9 x86_64
ndptool 1.8 2.mga9 x86_64
(medium "Core Updates (distrib3)")
redis 7.0.14 1.mga9 x86_64
2.9MB of additional disk space will be used.
1MB of packages will be retrieved.
Proceed with the installation of the 3 packages? (Y/n) y
https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64ndp0-1.8-2.mga9.x86_64.rpm
https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/ndptool-1.8-2.mga9.x86_64.rpm
https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/updates/redis-7.0.14-1.mga9.x86_64.rpm
installing lib64ndp0-1.8-2.mga9.x86_64.rpm redis-7.0.14-1.mga9.x86_64.rpm ndptool-1.8-2.mga9.x86_64.rpm from /var/cache/urpmi/rpms
Preparing... ##################################################################################################
1/3: lib64ndp0 ##################################################################################################
2/3: ndptool ##################################################################################################
3/3: redis ##################################################################################################
LC_ALL=C urpmi --auto --auto-update
medium "QA Testing (64-bit)" is up-to-date
medium "QA Testing (32-bit)" is up-to-date
medium "Core Release (distrib1)" is up-to-date
medium "Core Updates (distrib3)" is up-to-date
medium "Nonfree Release (distrib11)" is up-to-date
medium "Nonfree Updates (distrib13)" is up-to-date
medium "Tainted Release (distrib21)" is up-to-date
medium "Tainted Updates (distrib23)" is up-to-date
medium "Core 32bit Release (distrib31)" is up-to-date
medium "Core 32bit Updates (distrib32)" is up-to-date
medium "Nonfree 32bit Release (distrib36)" is up-to-date
medium "Tainted 32bit Release (distrib41)" is up-to-date
medium "Tainted 32bit Updates (distrib42)" is up-to-date
installing ndptool-1.8-2.1.mga9.x86_64.rpm lib64ndp0-1.8-2.1.mga9.x86_64.rpm from //home/katnatek/qa-testing/x86_64
Preparing... ##################################################################################################
1/2: lib64ndp0 ##################################################################################################
2/2: ndptool ##################################################################################################
1/2: removing ndptool-1.8-2.mga9.x86_64
##################################################################################################
2/2: removing lib64ndp0-1.8-2.mga9.x86_64
##################################################################################################
Reference bug#22497 comment#1
Not an equal test, but it looks like the tool used by Len is not available
systemctl start redis.service
systemctl status redis.service
● redis.service - Redis persistent key-value database
Loaded: loaded (/usr/lib/systemd/system/redis.service; disabled; preset: disabled)
Drop-In: /usr/lib/systemd/system/redis.service.d
└─limit.conf
Active: active (running) since Fri 2024-06-14 12:41:35 CST; 7s ago
Main PID: 374746 (redis-server)
Tasks: 5 (limit: 6905)
Memory: 2.8M
CPU: 19ms
CGroup: /system.slice/redis.service
└─374746 "/usr/bin/redis-server 127.0.0.1:6379"
jun 14 12:41:35 jgrey.phoenix systemd[1]: Started redis.service.
Consult the help of ndptool
ndptool -i eno1 monitor
NDP payload len 32, from addr: fe80::1250:72ff:fee6:7020, iface: eno1
Type: NS
NDP payload len 32, from addr: fe80::1250:72ff:fee6:7020, iface: eno1
Type: NS
NDP payload len 32, from addr: fe80::1250:72ff:fee6:7020, iface: eno1
Type: NS
NDP payload len 32, from addr: fe80::1250:72ff:fee6:7020, iface: eno1
Type: NS
NDP payload len 24, from addr: fe80::1250:72ff:fee6:7020, iface: eno1
Not sure, but it looks like it works
Side note: it looks like the redis service is not needed; the output is the same after stopping the service

MGA9-64 Plasma Wayland on HP-Pavillion
No installation issues.
$ ndptool -h
ndptool [options] command
-h --help Show this help
-v --verbose Increase output verbosity
-t --msg-type=TYPE Specify message type
("rs", "ra", "ns", "na")
-D --dest=DEST Dest address in IPv6 header for NS or NA
-T --target=TARGET Target address in ICMPv6 header for NS or NA
-i --ifname=IFNAME Specify interface name
-U --unsolicited Send Unsolicited NA
Available commands:
monitor
send
That looks like this tool works on IPv6, but I've never configured my network on IPv6, but I guess some default might be OK???
[tester9@mach4 Documents]$ ndptool -i wlp0s20u2 monitor
libndp: ndp_sock_open: Failed to create ICMP6 socket.
Failed to open ndp: Operation not permitted
So, I guess this needs root access
# ndptool -i wlp0s20u2 monitor
After some minutes, I get feedback
NDP payload len 104, from addr: fe80::3631:c4ff:fe80:a9b4, iface: wlp0s20u2
Type: RA
Hop limit: 255
Managed address configuration: no
Other configuration: yes
Default router preference: medium
Router lifetime: 0s
Reachable time: unspecified
Retransmit time: unspecified
Source linkaddr: 34:31:c4:80:a9:b4
Prefix: fd00::/64, valid_time: 7200s, preferred_time: 3600s, on_link: yes, autonomous_addr_conf: yes, router_addr: no
MTU: 1500
Route: fd00::/64, lifetime: 1800s, preference: medium
Recursive DNS Servers: fd00::3631:c4ff:fe80:a9b4, lifetime: 1200s
NDP payload len 32, from addr: fd00::3631:c4ff:fe80:a9b4, iface: wlp0s20u2
Type: NA
NDP payload len 32, from addr: fe80::3631:c4ff:fe80:a9b4, iface: wlp0s20u2
Type: NS
NDP payload len 24, from addr: fe80::3631:c4ff:fe80:a9b4, iface: wlp0s20u2
Type: NA
NDP payload len 32, from addr: fe80::3631:c4ff:fe80:a9b4, iface: wlp0s20u2
Type: NS
NDP payload len 104, from addr: fe80::3631:c4ff:fe80:a9b4, iface: wlp0s20u2
Type: RA
Hop limit: 255
Managed address configuration: no
Other configuration: yes
Default router preference: medium
Router lifetime: 0s
Reachable time: unspecified
Retransmit time: unspecified
Source linkaddr: 34:31:c4:80:a9:b4
Prefix: fd00::/64, valid_time: 7200s, preferred_time: 3600s, on_link: yes, autonomous_addr_conf: yes, router_addr: no
MTU: 1500
Route: fd00::/64, lifetime: 1800s, preference: medium
Recursive DNS Servers: fd00::3631:c4ff:fe80:a9b4, lifetime: 1200s
I can ping that DNS-server address, so that is no nonsense
Seems OK to me

CC: (none) => herman.viaene

Validating.

CC: (none) => andrewsfarm, sysadmin-bugs

An update for this issue has been pushed to the Mageia Updates repository.
https://advisories.mageia.org/MGASA-2024-0225.html

Resolution: (none) => FIXED