Security Advisory Moderate: libndp security update

Advisory: RHSA-2016:1086-1
Type: Security Advisory
Severity: Moderate
Issued on: 2016-05-17
Last updated on: 2016-05-17
Affected Products: Red Hat Enterprise Linux Desktop (v. 7)
Red Hat Enterprise Linux HPC Node (v. 7)
Red Hat Enterprise Linux HPC Node EUS (v. 7.2)
Red Hat Enterprise Linux Server (v. 7)
Red Hat Enterprise Linux Server AUS (v. 7.2)
Red Hat Enterprise Linux Server EUS (v. 7.2)
Red Hat Enterprise Linux Workstation (v. 7)
CVEs (cve.mitre.org): CVE-2016-3698

Details

An update for libndp is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

Libndp is a library (used by NetworkManager) that provides a wrapper for the
IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for
sending and receiving NDP messages.

Security Fix(es):

* It was found that libndp did not properly validate and check the origin of
Neighbor Discovery Protocol (NDP) messages. An attacker on a non-local network
could use this flaw to advertise a node as a router, allowing them to perform
man-in-the-middle attacks on a connecting client, or disrupt the network
connectivity of that client. (CVE-2016-3698)

Red Hat would like to thank Julien Bernard (Viagénie) for reporting this issue.


Solution

For details on how to apply this update, which includes the changes described in
this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, all running applications using libndp (for
example, Network Manager) must be restarted for this update to take effect.

Updated packages

Red Hat Enterprise Linux Desktop (v. 7)

SRPMS:
libndp-1.2-6.el7_2.src.rpm
File outdated by:  RHBA-2016:2390
    MD5: c712df1091d1fe3872aa2b419ea64eb9
SHA-256: 587d081753d62078f86ef827b5167137bc524df7bcec96ed85813cf589fd9b4f
 
x86_64:
libndp-1.2-6.el7_2.i686.rpm
File outdated by:  RHBA-2016:2390
    MD5: 3c6b4ae51934ba1319040759ba75af74
SHA-256: d238354804de0be571fb5b1ba1160bc1b40f08ce95274c5a021d9347ab955e39
libndp-1.2-6.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2390
    MD5: 97faf065a463b2d5d4c6bffb39370211
SHA-256: 700187e7da0836af7b833fb25d0f9b4ad7101cb80907694c9518d266f866d2bf
libndp-debuginfo-1.2-6.el7_2.i686.rpm
File outdated by:  RHBA-2016:2390
    MD5: c15c5855796130233b066648abef67c3
SHA-256: 67d8997bd865d602147004e4c68579c44ef731814d3d851d5eccc1e9f2542237
libndp-debuginfo-1.2-6.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2390
    MD5: b7056a68d1cac7868ea04c0036b3dc0f
SHA-256: 8345bb73dde07a9b8cd666dab2b5df87110171a999115830ff87a1e6b6461bc8
libndp-devel-1.2-6.el7_2.i686.rpm
File outdated by:  RHBA-2016:2390
    MD5: 4d1c0442e71cc13d0837c92261692166
SHA-256: e8d6513ad252f75934555ff15e805954fa6b298b56d6bdcfdaf23faf56c1ad6a
libndp-devel-1.2-6.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2390
    MD5: 451f86882fc0e8410466a84c8cbf1ba2
SHA-256: bc060d5b2c73c9f42be8bc03e06bc094d069bd0e389ca5c806ed0e317955b0bd
 
Red Hat Enterprise Linux HPC Node (v. 7)

SRPMS:
libndp-1.2-6.el7_2.src.rpm
File outdated by:  RHBA-2016:2390
    MD5: c712df1091d1fe3872aa2b419ea64eb9
SHA-256: 587d081753d62078f86ef827b5167137bc524df7bcec96ed85813cf589fd9b4f
 
x86_64:
libndp-1.2-6.el7_2.i686.rpm
File outdated by:  RHBA-2016:2390
    MD5: 3c6b4ae51934ba1319040759ba75af74
SHA-256: d238354804de0be571fb5b1ba1160bc1b40f08ce95274c5a021d9347ab955e39
libndp-1.2-6.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2390
    MD5: 97faf065a463b2d5d4c6bffb39370211
SHA-256: 700187e7da0836af7b833fb25d0f9b4ad7101cb80907694c9518d266f866d2bf
libndp-debuginfo-1.2-6.el7_2.i686.rpm
File outdated by:  RHBA-2016:2390
    MD5: c15c5855796130233b066648abef67c3
SHA-256: 67d8997bd865d602147004e4c68579c44ef731814d3d851d5eccc1e9f2542237
libndp-debuginfo-1.2-6.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2390
    MD5: b7056a68d1cac7868ea04c0036b3dc0f
SHA-256: 8345bb73dde07a9b8cd666dab2b5df87110171a999115830ff87a1e6b6461bc8
libndp-devel-1.2-6.el7_2.i686.rpm
File outdated by:  RHBA-2016:2390
    MD5: 4d1c0442e71cc13d0837c92261692166
SHA-256: e8d6513ad252f75934555ff15e805954fa6b298b56d6bdcfdaf23faf56c1ad6a
libndp-devel-1.2-6.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2390
    MD5: 451f86882fc0e8410466a84c8cbf1ba2
SHA-256: bc060d5b2c73c9f42be8bc03e06bc094d069bd0e389ca5c806ed0e317955b0bd
 
Red Hat Enterprise Linux HPC Node EUS (v. 7.2)

SRPMS:
libndp-1.2-6.el7_2.src.rpm
File outdated by:  RHBA-2016:2390
    MD5: c712df1091d1fe3872aa2b419ea64eb9
SHA-256: 587d081753d62078f86ef827b5167137bc524df7bcec96ed85813cf589fd9b4f
 
x86_64:
libndp-1.2-6.el7_2.i686.rpm     MD5: 3c6b4ae51934ba1319040759ba75af74
SHA-256: d238354804de0be571fb5b1ba1160bc1b40f08ce95274c5a021d9347ab955e39
libndp-1.2-6.el7_2.x86_64.rpm     MD5: 97faf065a463b2d5d4c6bffb39370211
SHA-256: 700187e7da0836af7b833fb25d0f9b4ad7101cb80907694c9518d266f866d2bf
libndp-debuginfo-1.2-6.el7_2.i686.rpm     MD5: c15c5855796130233b066648abef67c3
SHA-256: 67d8997bd865d602147004e4c68579c44ef731814d3d851d5eccc1e9f2542237
libndp-debuginfo-1.2-6.el7_2.x86_64.rpm     MD5: b7056a68d1cac7868ea04c0036b3dc0f
SHA-256: 8345bb73dde07a9b8cd666dab2b5df87110171a999115830ff87a1e6b6461bc8
libndp-devel-1.2-6.el7_2.i686.rpm     MD5: 4d1c0442e71cc13d0837c92261692166
SHA-256: e8d6513ad252f75934555ff15e805954fa6b298b56d6bdcfdaf23faf56c1ad6a
libndp-devel-1.2-6.el7_2.x86_64.rpm     MD5: 451f86882fc0e8410466a84c8cbf1ba2
SHA-256: bc060d5b2c73c9f42be8bc03e06bc094d069bd0e389ca5c806ed0e317955b0bd
 
Red Hat Enterprise Linux Server (v. 7)

SRPMS:
libndp-1.2-6.el7_2.src.rpm
File outdated by:  RHBA-2016:2390
    MD5: c712df1091d1fe3872aa2b419ea64eb9
SHA-256: 587d081753d62078f86ef827b5167137bc524df7bcec96ed85813cf589fd9b4f
 
PPC:
libndp-1.2-6.el7_2.ppc.rpm
File outdated by:  RHBA-2016:2390
    MD5: 3a1a5203df48bc4f5248eb95d84a6dcc
SHA-256: 76a447e3177962365d0cd2a9c8256fd3ace99b111e717d983ba50a09aa6c9013
libndp-1.2-6.el7_2.ppc64.rpm
File outdated by:  RHBA-2016:2390
    MD5: 8272c49cacc56d64b24a37ef1849bf6f
SHA-256: 894c436e19d4d39c5534a99796b2f3bc7b6d588ab808eb045b0d7cd58ced81c8
libndp-debuginfo-1.2-6.el7_2.ppc.rpm
File outdated by:  RHBA-2016:2390
    MD5: 230415f7d1566281fb9ca7dadb3b3c79
SHA-256: 5a1d318864df9f6ac600e9d9d43784da257ba3429b9a4f5409d5a05d50acd325
libndp-debuginfo-1.2-6.el7_2.ppc64.rpm
File outdated by:  RHBA-2016:2390
    MD5: 4fe785a90a1fe667d4d72c1ff4e41246
SHA-256: 3dca0d36100ef1972e1789b99ca5025d4c06d76e09dc843becac52862d2e135f
libndp-devel-1.2-6.el7_2.ppc.rpm
File outdated by:  RHBA-2016:2390
    MD5: 79e50ac38fe9410a52eeff06b38909ba
SHA-256: 1b7b0ae8ff420a27fb694246ddcebf5577cb97c0b5a743ddadec22d8bcf1b442
libndp-devel-1.2-6.el7_2.ppc64.rpm
File outdated by:  RHBA-2016:2390
    MD5: a969d43601f2533c2832075b196af58c
SHA-256: 1e6ad79aa4db90e67a0ab189e70c0406470ad02fe61873358c1d8a70a266c4d5
 
PPC64LE:
libndp-1.2-6.el7_2.ppc64le.rpm
File outdated by:  RHBA-2016:2390
    MD5: f790dabcde44655cc9a6174d70cb1a86
SHA-256: c22a2ed0e8240ac432e75ee47526c061a6e07349ed16b41c2e1bff0c223bd6d0
libndp-debuginfo-1.2-6.el7_2.ppc64le.rpm
File outdated by:  RHBA-2016:2390
    MD5: d49cfd0fdff200f03205a1bea3170e43
SHA-256: c1aa04b558e69fcc29c11c58e3726f4770165395b1f2a6c0b60dadaeef1ac1d6
libndp-devel-1.2-6.el7_2.ppc64le.rpm
File outdated by:  RHBA-2016:2390
    MD5: 669161fe5f0359aaf4e2037e904420e9
SHA-256: a64201b80379ad0eb4580a55875af7ad0c37e684dbfa389b3c19163bc502a9bc
 
s390x:
libndp-1.2-6.el7_2.s390.rpm
File outdated by:  RHBA-2016:2390
    MD5: b9fc3a1e89c045676e38d69bc73555ca
SHA-256: 8426dbd50702e94fe323c7695169cb967c332f78a65f6b666ae21b65165e3476
libndp-1.2-6.el7_2.s390x.rpm
File outdated by:  RHBA-2016:2390
    MD5: d64275bd54b62b8fc7ac653e20597150
SHA-256: d6e7fa1104e23820a8d679f53ab880e93fd81bbb2156394b5573749c12299637
libndp-debuginfo-1.2-6.el7_2.s390.rpm
File outdated by:  RHBA-2016:2390
    MD5: db61de1cbffda56b44aec3fbe100f118
SHA-256: 84754718f40e1e4344a4afa23097e2afc2308bfddb775521a8992c15b806cfff
libndp-debuginfo-1.2-6.el7_2.s390x.rpm
File outdated by:  RHBA-2016:2390
    MD5: b5371f1131eaf6b13997824e3ca82ca0
SHA-256: cea1e4d88978d17aeaa63e4a0e04ea36ec5816bf2258559209cb2203ba80b95b
libndp-devel-1.2-6.el7_2.s390.rpm
File outdated by:  RHBA-2016:2390
    MD5: b4c47dabaddd499a27013aeb4703e6a8
SHA-256: e42f52b2d08795ae8a8e87b52d88115e2880a1e5fcab500a83137353f7b64f2f
libndp-devel-1.2-6.el7_2.s390x.rpm
File outdated by:  RHBA-2016:2390
    MD5: f73190e44e80e884eb750af56dd8a7ea
SHA-256: b86158ae02eab2a6c7de3e3457120fe4cef03fedccd85214f0e343deeb171af9
 
x86_64:
libndp-1.2-6.el7_2.i686.rpm
File outdated by:  RHBA-2016:2390
    MD5: 3c6b4ae51934ba1319040759ba75af74
SHA-256: d238354804de0be571fb5b1ba1160bc1b40f08ce95274c5a021d9347ab955e39
libndp-1.2-6.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2390
    MD5: 97faf065a463b2d5d4c6bffb39370211
SHA-256: 700187e7da0836af7b833fb25d0f9b4ad7101cb80907694c9518d266f866d2bf
libndp-debuginfo-1.2-6.el7_2.i686.rpm
File outdated by:  RHBA-2016:2390
    MD5: c15c5855796130233b066648abef67c3
SHA-256: 67d8997bd865d602147004e4c68579c44ef731814d3d851d5eccc1e9f2542237
libndp-debuginfo-1.2-6.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2390
    MD5: b7056a68d1cac7868ea04c0036b3dc0f
SHA-256: 8345bb73dde07a9b8cd666dab2b5df87110171a999115830ff87a1e6b6461bc8
libndp-devel-1.2-6.el7_2.i686.rpm
File outdated by:  RHBA-2016:2390
    MD5: 4d1c0442e71cc13d0837c92261692166
SHA-256: e8d6513ad252f75934555ff15e805954fa6b298b56d6bdcfdaf23faf56c1ad6a
libndp-devel-1.2-6.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2390
    MD5: 451f86882fc0e8410466a84c8cbf1ba2
SHA-256: bc060d5b2c73c9f42be8bc03e06bc094d069bd0e389ca5c806ed0e317955b0bd
 
Red Hat Enterprise Linux Server AUS (v. 7.2)

SRPMS:
libndp-1.2-6.el7_2.src.rpm
File outdated by:  RHBA-2016:2390
    MD5: c712df1091d1fe3872aa2b419ea64eb9
SHA-256: 587d081753d62078f86ef827b5167137bc524df7bcec96ed85813cf589fd9b4f
 
x86_64:
libndp-1.2-6.el7_2.i686.rpm     MD5: 3c6b4ae51934ba1319040759ba75af74
SHA-256: d238354804de0be571fb5b1ba1160bc1b40f08ce95274c5a021d9347ab955e39
libndp-1.2-6.el7_2.x86_64.rpm     MD5: 97faf065a463b2d5d4c6bffb39370211
SHA-256: 700187e7da0836af7b833fb25d0f9b4ad7101cb80907694c9518d266f866d2bf
libndp-debuginfo-1.2-6.el7_2.i686.rpm     MD5: c15c5855796130233b066648abef67c3
SHA-256: 67d8997bd865d602147004e4c68579c44ef731814d3d851d5eccc1e9f2542237
libndp-debuginfo-1.2-6.el7_2.x86_64.rpm     MD5: b7056a68d1cac7868ea04c0036b3dc0f
SHA-256: 8345bb73dde07a9b8cd666dab2b5df87110171a999115830ff87a1e6b6461bc8
libndp-devel-1.2-6.el7_2.i686.rpm     MD5: 4d1c0442e71cc13d0837c92261692166
SHA-256: e8d6513ad252f75934555ff15e805954fa6b298b56d6bdcfdaf23faf56c1ad6a
libndp-devel-1.2-6.el7_2.x86_64.rpm     MD5: 451f86882fc0e8410466a84c8cbf1ba2
SHA-256: bc060d5b2c73c9f42be8bc03e06bc094d069bd0e389ca5c806ed0e317955b0bd
 
Red Hat Enterprise Linux Server EUS (v. 7.2)

SRPMS:
libndp-1.2-6.el7_2.src.rpm
File outdated by:  RHBA-2016:2390
    MD5: c712df1091d1fe3872aa2b419ea64eb9
SHA-256: 587d081753d62078f86ef827b5167137bc524df7bcec96ed85813cf589fd9b4f
 
PPC:
libndp-1.2-6.el7_2.ppc.rpm     MD5: 3a1a5203df48bc4f5248eb95d84a6dcc
SHA-256: 76a447e3177962365d0cd2a9c8256fd3ace99b111e717d983ba50a09aa6c9013
libndp-1.2-6.el7_2.ppc64.rpm     MD5: 8272c49cacc56d64b24a37ef1849bf6f
SHA-256: 894c436e19d4d39c5534a99796b2f3bc7b6d588ab808eb045b0d7cd58ced81c8
libndp-debuginfo-1.2-6.el7_2.ppc.rpm     MD5: 230415f7d1566281fb9ca7dadb3b3c79
SHA-256: 5a1d318864df9f6ac600e9d9d43784da257ba3429b9a4f5409d5a05d50acd325
libndp-debuginfo-1.2-6.el7_2.ppc64.rpm     MD5: 4fe785a90a1fe667d4d72c1ff4e41246
SHA-256: 3dca0d36100ef1972e1789b99ca5025d4c06d76e09dc843becac52862d2e135f
libndp-devel-1.2-6.el7_2.ppc.rpm     MD5: 79e50ac38fe9410a52eeff06b38909ba
SHA-256: 1b7b0ae8ff420a27fb694246ddcebf5577cb97c0b5a743ddadec22d8bcf1b442
libndp-devel-1.2-6.el7_2.ppc64.rpm     MD5: a969d43601f2533c2832075b196af58c
SHA-256: 1e6ad79aa4db90e67a0ab189e70c0406470ad02fe61873358c1d8a70a266c4d5
 
PPC64LE:
libndp-1.2-6.el7_2.ppc64le.rpm     MD5: f790dabcde44655cc9a6174d70cb1a86
SHA-256: c22a2ed0e8240ac432e75ee47526c061a6e07349ed16b41c2e1bff0c223bd6d0
libndp-debuginfo-1.2-6.el7_2.ppc64le.rpm     MD5: d49cfd0fdff200f03205a1bea3170e43
SHA-256: c1aa04b558e69fcc29c11c58e3726f4770165395b1f2a6c0b60dadaeef1ac1d6
libndp-devel-1.2-6.el7_2.ppc64le.rpm     MD5: 669161fe5f0359aaf4e2037e904420e9
SHA-256: a64201b80379ad0eb4580a55875af7ad0c37e684dbfa389b3c19163bc502a9bc
 
s390x:
libndp-1.2-6.el7_2.s390.rpm     MD5: b9fc3a1e89c045676e38d69bc73555ca
SHA-256: 8426dbd50702e94fe323c7695169cb967c332f78a65f6b666ae21b65165e3476
libndp-1.2-6.el7_2.s390x.rpm     MD5: d64275bd54b62b8fc7ac653e20597150
SHA-256: d6e7fa1104e23820a8d679f53ab880e93fd81bbb2156394b5573749c12299637
libndp-debuginfo-1.2-6.el7_2.s390.rpm     MD5: db61de1cbffda56b44aec3fbe100f118
SHA-256: 84754718f40e1e4344a4afa23097e2afc2308bfddb775521a8992c15b806cfff
libndp-debuginfo-1.2-6.el7_2.s390x.rpm     MD5: b5371f1131eaf6b13997824e3ca82ca0
SHA-256: cea1e4d88978d17aeaa63e4a0e04ea36ec5816bf2258559209cb2203ba80b95b
libndp-devel-1.2-6.el7_2.s390.rpm     MD5: b4c47dabaddd499a27013aeb4703e6a8
SHA-256: e42f52b2d08795ae8a8e87b52d88115e2880a1e5fcab500a83137353f7b64f2f
libndp-devel-1.2-6.el7_2.s390x.rpm     MD5: f73190e44e80e884eb750af56dd8a7ea
SHA-256: b86158ae02eab2a6c7de3e3457120fe4cef03fedccd85214f0e343deeb171af9
 
x86_64:
libndp-1.2-6.el7_2.i686.rpm     MD5: 3c6b4ae51934ba1319040759ba75af74
SHA-256: d238354804de0be571fb5b1ba1160bc1b40f08ce95274c5a021d9347ab955e39
libndp-1.2-6.el7_2.x86_64.rpm     MD5: 97faf065a463b2d5d4c6bffb39370211
SHA-256: 700187e7da0836af7b833fb25d0f9b4ad7101cb80907694c9518d266f866d2bf
libndp-debuginfo-1.2-6.el7_2.i686.rpm     MD5: c15c5855796130233b066648abef67c3
SHA-256: 67d8997bd865d602147004e4c68579c44ef731814d3d851d5eccc1e9f2542237
libndp-debuginfo-1.2-6.el7_2.x86_64.rpm     MD5: b7056a68d1cac7868ea04c0036b3dc0f
SHA-256: 8345bb73dde07a9b8cd666dab2b5df87110171a999115830ff87a1e6b6461bc8
libndp-devel-1.2-6.el7_2.i686.rpm     MD5: 4d1c0442e71cc13d0837c92261692166
SHA-256: e8d6513ad252f75934555ff15e805954fa6b298b56d6bdcfdaf23faf56c1ad6a
libndp-devel-1.2-6.el7_2.x86_64.rpm     MD5: 451f86882fc0e8410466a84c8cbf1ba2
SHA-256: bc060d5b2c73c9f42be8bc03e06bc094d069bd0e389ca5c806ed0e317955b0bd
 
Red Hat Enterprise Linux Workstation (v. 7)

SRPMS:
libndp-1.2-6.el7_2.src.rpm
File outdated by:  RHBA-2016:2390
    MD5: c712df1091d1fe3872aa2b419ea64eb9
SHA-256: 587d081753d62078f86ef827b5167137bc524df7bcec96ed85813cf589fd9b4f
 
x86_64:
libndp-1.2-6.el7_2.i686.rpm
File outdated by:  RHBA-2016:2390
    MD5: 3c6b4ae51934ba1319040759ba75af74
SHA-256: d238354804de0be571fb5b1ba1160bc1b40f08ce95274c5a021d9347ab955e39
libndp-1.2-6.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2390
    MD5: 97faf065a463b2d5d4c6bffb39370211
SHA-256: 700187e7da0836af7b833fb25d0f9b4ad7101cb80907694c9518d266f866d2bf
libndp-debuginfo-1.2-6.el7_2.i686.rpm
File outdated by:  RHBA-2016:2390
    MD5: c15c5855796130233b066648abef67c3
SHA-256: 67d8997bd865d602147004e4c68579c44ef731814d3d851d5eccc1e9f2542237
libndp-debuginfo-1.2-6.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2390
    MD5: b7056a68d1cac7868ea04c0036b3dc0f
SHA-256: 8345bb73dde07a9b8cd666dab2b5df87110171a999115830ff87a1e6b6461bc8
libndp-devel-1.2-6.el7_2.i686.rpm
File outdated by:  RHBA-2016:2390
    MD5: 4d1c0442e71cc13d0837c92261692166
SHA-256: e8d6513ad252f75934555ff15e805954fa6b298b56d6bdcfdaf23faf56c1ad6a
libndp-devel-1.2-6.el7_2.x86_64.rpm
File outdated by:  RHBA-2016:2390
    MD5: 451f86882fc0e8410466a84c8cbf1ba2
SHA-256: bc060d5b2c73c9f42be8bc03e06bc094d069bd0e389ca5c806ed0e317955b0bd
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1329366 - CVE-2016-3698 libndp: denial of service due to insufficient validation of source of NDP messages


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/