Vulnerability CVE-2020-13529: Information
Description
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.
Severity: MEDIUM (6.1) Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
NetworkManager | sisyphus | 1.32.2-alt1 | 1.46.0-alt2 | ALT-PU-2021-2116-1 | 276569 | Fixed |
NetworkManager | p10 | 1.32.2-alt1 | 1.46.0-alt1.p10.1 | ALT-PU-2021-2116-1 | 276569 | Fixed |
NetworkManager | p9 | 1.18.11-alt1.gite2fdbc2b7482 | 1.18.11-alt1.gite2fdbc2b7482 | ALT-PU-2021-2129-1 | 276659 | Fixed |
NetworkManager | c10f1 | 1.32.2-alt1 | 1.40.18-alt1.p10.2 | ALT-PU-2021-2116-1 | 276569 | Fixed |
NetworkManager | c9f2 | 1.18.11-alt1.gite2fdbc2b7482 | 1.18.11-alt1.gite2fdbc2b7482 | ALT-PU-2023-1283-1 | 314563 | Fixed |
NetworkManager | p11 | 1.32.2-alt1 | 1.46.0-alt2 | ALT-PU-2021-2116-1 | 276569 | Fixed |
systemd | sisyphus | 245.2-alt1 | 255.6-alt2 | ALT-PU-2020-1560-1 | 248437 | Fixed |
systemd | p10 | 245.2-alt1 | 249.17-alt2 | ALT-PU-2020-1560-1 | 248437 | Fixed |
systemd | p9 | 246.16-alt1 | 247.13-alt1 | ALT-PU-2021-2584-1 | 283283 | Fixed |
systemd | c10f1 | 245.2-alt1 | 249.17-alt2 | ALT-PU-2020-1560-1 | 248437 | Fixed |
systemd | p11 | 245.2-alt1 | 255.6-alt2 | ALT-PU-2020-1560-1 | 248437 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142 |
|
https://security.netapp.com/advisory/ntap-20210625-0005/ |
|
GLSA-202107-48 |
|
[oss-security] 20210804 Re: Pop!_OS Membership to linux-distros list |
|
[oss-security] 20210817 Re: Pop!_OS Membership to linux-distros list |
|
[oss-security] 20210907 Re: Pop!_OS Membership to linux-distros list |
|
FEDORA-2021-166e461c8d |