Scientific Linux Security Update : NetworkManager on SL7.x x86_64

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

It was discovered that NetworkManager would set device MTUs based on
MTU values received in IPv6 RAs (Router Advertisements), without
sanity checking the MTU value first. A remote attacker could exploit
this flaw to create a denial of service attack, by sending a specially
crafted IPv6 RA packet to disturb IPv6 communication. (CVE-2015-0272)

A flaw was found in the way NetworkManager handled router
advertisements. An unprivileged user on a local network could use IPv6
Neighbor Discovery ICMP to broadcast a non-route with a low hop limit,
causing machines to lower the hop limit on existing IPv6 routes. If
this limit is small enough, IPv6 packets would be dropped before
reaching the final destination. (CVE-2015-2924)

The network-manager-applet and NetworkManager-libreswan packages have
been upgraded to upstream versions 1.0.6, and provide a number of bug
fixes and enhancements over the previous versions.

Bugs :

- It was not previously possible to set the Wi-Fi band to
the 'a' or 'bg' values to lock to a specific frequency
band. NetworkManager has been fixed, and it now sets the
wpa_supplicant's 'freq_list' option correctly, which
enables proper Wi-Fi band locking.

- NetworkManager immediately failed activation of devices
that did not have a carrier early in the boot process.
The legacy network.service then reported activation
failure. Now, NetworkManager has a grace period during
which it waits for the carrier to appear. Devices that
have a carrier down for a short time on system startup
no longer cause the legacy network.service to fail.

- NetworkManager brought down a team device if the teamd
service managing it exited unexpectedly, and the team
device was deactivated. Now, NetworkManager respawns the
teamd instances that disappear and is able to recover
from a teamd failure avoiding disruption of the team
device operation.

- NetworkManager did not send the FQDN DHCP option even if
host name was set to FQDN. Consequently, Dynamic DNS
(DDNS) setups failed to update the DNS records for
clients running NetworkManager. Now, NetworkManager
sends the FQDN option with DHCP requests, and the DHCP
server is able to create DNS records for such clients.

- The command-line client was not validating the
vlan.flags property correctly, and a spurious warning
message was displayed when the nmcli tool worked with
VLAN connections. The validation routine has been fixed,
and the warning message no longer appears.

- NetworkManager did not propagate a media access control
(MAC) address change from a bonding interface to a VLAN
interface on top of it. Consequently, a VLAN interface
on top of a bond used an incorrect MAC address. Now,
NetworkManager synchronizes the addresses correctly.

Enhancements :

- IPv6 Privacy extensions are now enabled by default.
NetworkManager checks the per-network configuration
files, NetworkManager.conf, and then falls back to
'/proc/sys/net/ipv6/conf/default/use_tempaddr' to
determine and set IPv6 privacy settings at device
activation.

- The NetworkManager command-line tool, nmcli, now allows
setting the wake-on-lan property to 0 ('none',
'disable', 'disabled').

- NetworkManager now provides information about metered
connections.

- NetworkManager daemon and the connection editor now
support setting the Maximum Transmission Unit (MTU) of a
bond. It is now possible to change MTU of a bond
interface in a GUI.

- NetworkManager daemon and the connection editor now
support setting the MTU of a team, allowing to change
MTU of a teaming interface.

See also :

http://www.nessus.org/u?a5094cb6

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 87548 ()

Bugtraq ID:

CVE ID: CVE-2015-0272
CVE-2015-2924

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now