High severity8.1NVD Advisory· Published Jun 13, 2016· Updated Jun 17, 2026
CVE-2016-3698
CVE-2016-3698
Description
libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
7- www.debian.org/security/2016/dsa-3581nvd
- www.openwall.com/lists/oss-security/2016/05/17/9nvd
- www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlnvd
- www.ubuntu.com/usn/USN-2980-1nvd
- github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839nvd
- github.com/jpirko/libndp/commit/a4892df306e0532487f1634ba6d4c6d4bb381c7fnvd
- rhn.redhat.com/errata/RHSA-2016-1086.htmlnvd
News mentions
0No linked articles in our index yet.