Executive Summary

Summary
Title NetworkManager security, bug fix, and enhancement update
Informations
Name RHSA-2015:2315 First vendor Publication 2015-11-19
Vendor RedHat Last vendor Modification 2015-11-19
Severity (Vendor) Moderate Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated NetworkManager packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

NetworkManager is a system network service that manages network devices and connections.

It was discovered that NetworkManager would set device MTUs based on MTU values received in IPv6 RAs (Router Advertisements), without sanity checking the MTU value first. A remote attacker could exploit this flaw to create a denial of service attack, by sending a specially crafted IPv6 RA packet to disturb IPv6 communication. (CVE-2015-0272)

A flaw was found in the way NetworkManager handled router advertisements. An unprivileged user on a local network could use IPv6 Neighbor Discovery ICMP to broadcast a non-route with a low hop limit, causing machines to lower the hop limit on existing IPv6 routes. If this limit is small enough, IPv6 packets would be dropped before reaching the final destination. (CVE-2015-2924)

The network-manager-applet and NetworkManager-libreswan packages have been upgraded to upstream versions 1.0.6, and provide a number of bug fixes and enhancements over the previous versions. (BZ#1177582, BZ#1243057)

Bugs:

* It was not previously possible to set the Wi-Fi band to the "a" or "bg" values to lock to a specific frequency band. NetworkManager has been fixed, and it now sets the wpa_supplicant's "freq_list" option correctly, which enables proper Wi-Fi band locking. (BZ#1254461)

* NetworkManager immediately failed activation of devices that did not have a carrier early in the boot process. The legacy network.service then reported activation failure. Now, NetworkManager has a grace period during which it waits for the carrier to appear. Devices that have a carrier down for a short time on system startup no longer cause the legacy network.service to fail. (BZ#1079353)

* NetworkManager brought down a team device if the teamd service managing it exited unexpectedly, and the team device was deactivated. Now, NetworkManager respawns the teamd instances that disappear and is able to recover from a teamd failure avoiding disruption of the team device operation. (BZ#1145988)

* NetworkManager did not send the FQDN DHCP option even if host name was set to FQDN. Consequently, Dynamic DNS (DDNS) setups failed to update the DNS records for clients running NetworkManager. Now, NetworkManager sends the FQDN option with DHCP requests, and the DHCP server is able to create DNS records for such clients. (BZ#1212597)

* The command-line client was not validating the vlan.flags property correctly, and a spurious warning message was displayed when the nmcli tool worked with VLAN connections. The validation routine has been fixed, and the warning message no longer appears. (BZ#1244048)

* NetworkManager did not propagate a media access control (MAC) address change from a bonding interface to a VLAN interface on top of it. Consequently, a VLAN interface on top of a bond used an incorrect MAC address. Now, NetworkManager synchronizes the addresses correctly. (BZ#1264322)

Enhancements:

* IPv6 Privacy extensions are now enabled by default. NetworkManager checks the per-network configuration files, NetworkManager.conf, and then falls back to "/proc/sys/net/ipv6/conf/default/use_tempaddr" to determine and set IPv6 privacy settings at device activation. (BZ#1187525)

* The NetworkManager command-line tool, nmcli, now allows setting the wake-on-lan property to 0 ("none", "disable", "disabled"). (BZ#1260584)

* NetworkManager now provides information about metered connections. (BZ#1200452)

* NetworkManager daemon and the connection editor now support setting the Maximum Transmission Unit (MTU) of a bond. It is now possible to change MTU of a bond interface in a GUI. (BZ#1177582, BZ#1177860)

* NetworkManager daemon and the connection editor now support setting the MTU of a team, allowing to change MTU of a teaming interface. (BZ#1255927)

NetworkManager users are advised to upgrade to these updated packages, which correct these issues and add these enhancements.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

918692 - PIN/Password dialog for Mobile Broadband forces user to enter password, even if it's not needed 1062301 - NetworkManager should provide a way to reload a configuration and to refresh resolv.conf if necessary 1139536 - [RFE] Improve handling of DEVICE and HWADDR in nm-connection-editor 1141417 - Persistent wake on lan across reboot 1168388 - veth device goes down when ipv4 dhcp lease expires 1168657 - nmcli hangs when deleting profile two times 1182575 - [nmcli] Can't add certificate blob via nmcli as description states 1183015 - ipv6.method shared prevents connection from being upped 1183444 - Attaching a team device to a bridge doesn't work. 1187525 - Enable privacy extensions by default 1192132 - CVE-2015-0272 kernel/NetworkManager: remote DoS using IPv6 RA with bogus MTU 1200451 - feature request: Indicate 2ghz and 5ghz wifi device capabilities 1200452 - feature request: provide information about metered connections 1201497 - [PATCH] fix a configure-and-quit=yes bug when DHCP client ID is set and hostname is not given 1207730 - Continuous IPv6 router solicitation loop 1209902 - CVE-2015-2924 NetworkManager: denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements 1211133 - high cpu use with many IPv6 cloned routes 1211859 - _nl_get_vtable: assertion 'vtable.handle' failed 1229471 - [bluez5] add DUN support to nm-connection-editor 1238840 - libreswan vpn is not working 1243057 - Update to NetworkManager-openswan/libreswan 1.0.6 or later 1244293 - NetworkManager support for secondary IPv6 addresses 1246496 - dhclient is terminated and won't start after restart NetworkManager 1250019 - NetworkManager doesn't handle MTU correctly 1250723 - Updating IPv4 address lifetime causes VPN disconnection 1251954 - Can activate a DUN connection only once 1253744 - segfault while trying to connect to VPN 1254089 - Netlink error at 'link_change' function when net interface dynamic plug out and plug in on Xen 1254461 - Wi-Fi band-locking doesn't work 1255735 - Dialog run by nm-connection-editor --create --type=vlan doesn't offer connections (eg bond) as parents 1256772 - NetworkManager quits prematurely with "configure-and-quit" 1261428 - ipv6 dns set even if ipv6.ignore-auto-dns set yes 1264024 - no network on xen guests: Error: Connection activation failed: No suitable device found for this connection. 1264089 - cannot add adsl type connection 1264361 - backport upstream bugfix to platform handling links in different netns (IFLA_LINK_NETNSID) 1267326 - libnm-gtk: fix a possible crash in functions handling password entry 1267330 - libnm-gtk: remove underscore from tooltip and use symbolic icons for password location icons 1267462 - NetworkManager segfault on_bss_proxy_acquired 1267672 - fix crash in nmtui when requesting password 1268030 - 20 seconds timeout is not sufficient for VPN password entry 1271973 - no more vpn dialog after previous canceling 1272023 - vpn password request still visible after timeout (3 mins) 1272974 - Fix regression detecting s390 CTC devices

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2015-2315.html

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-20 Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 18
Application 1
Application 3
Os 1
Os 1
Os 4
Os 2
Os 7
Os 4
Os 2

Nessus® Vulnerability Scanner

Date Description
2016-09-02 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2074-1.nasl - Type : ACT_GATHER_INFO
2016-05-04 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-1203-1.nasl - Type : ACT_GATHER_INFO
2016-02-29 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0585-1.nasl - Type : ACT_GATHER_INFO
2016-02-08 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-136.nasl - Type : ACT_GATHER_INFO
2016-02-03 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-124.nasl - Type : ACT_GATHER_INFO
2015-12-29 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2339-1.nasl - Type : ACT_GATHER_INFO
2015-12-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20151119_NetworkManager_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2015-12-18 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2292-1.nasl - Type : ACT_GATHER_INFO
2015-12-07 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2194-1.nasl - Type : ACT_GATHER_INFO
2015-12-02 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-2315.nasl - Type : ACT_GATHER_INFO
2015-11-30 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-2315.nasl - Type : ACT_GATHER_INFO
2015-11-30 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-2108-1.nasl - Type : ACT_GATHER_INFO
2015-11-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-2315.nasl - Type : ACT_GATHER_INFO
2015-11-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2797-1.nasl - Type : ACT_GATHER_INFO
2015-11-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2792-1.nasl - Type : ACT_GATHER_INFO
2015-10-30 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-686.nasl - Type : ACT_GATHER_INFO
2015-10-21 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2779-1.nasl - Type : ACT_GATHER_INFO
2015-10-21 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2778-1.nasl - Type : ACT_GATHER_INFO
2015-10-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2776-1.nasl - Type : ACT_GATHER_INFO
2015-10-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2775-1.nasl - Type : ACT_GATHER_INFO
2015-09-25 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201509-05.nasl - Type : ACT_GATHER_INFO
2015-09-22 Name : The remote Debian host is missing a security update.
File : debian_DLA-310.nasl - Type : ACT_GATHER_INFO
2015-05-18 Name : The remote Fedora host is missing a security update.
File : fedora_2015-7623.nasl - Type : ACT_GATHER_INFO
2015-05-12 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2015-7767.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2015-12-05 13:28:33
  • Multiple Updates
2015-12-03 13:26:53
  • Multiple Updates
2015-11-21 13:26:14
  • Multiple Updates
2015-11-20 05:23:26
  • First insertion