High severity8.1NVD Advisory· Published May 31, 2024· Updated Apr 15, 2026

CVE-2024-5564

Description

A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/errata/RHBA-2025:6631nvd
access.redhat.com/errata/RHSA-2024:4618nvd
access.redhat.com/errata/RHSA-2024:4619nvd
access.redhat.com/errata/RHSA-2024:4620nvd
access.redhat.com/errata/RHSA-2024:4622nvd
access.redhat.com/errata/RHSA-2024:4636nvd
access.redhat.com/errata/RHSA-2024:4640nvd
access.redhat.com/errata/RHSA-2024:4641nvd
access.redhat.com/errata/RHSA-2024:4642nvd
access.redhat.com/errata/RHSA-2024:4643nvd
access.redhat.com/security/cve/CVE-2024-5564nvd
bugzilla.redhat.com/show_bug.cginvd
lists.debian.org/debian-lts-announce/2024/06/msg00011.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.526
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000