{"id":"AZL-42609","summary":"CVE-2024-5564 affecting package libndp for versions less than 1.8-2","details":"A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information.","modified":"2026-04-21T04:30:39.994743Z","published":"2024-05-31T19:15:08Z","upstream":["CVE-2024-5564"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-5564"}],"affected":[{"package":{"name":"libndp","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/libndp"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8-2"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-42609.json"}}],"schema_version":"1.7.5"}