Synopsis: Moderate: NetworkManager security update
Issue Date: 2011-09-26
CVE Numbers: CVE-2011-3364
—
NetworkManager is a network link manager that attempts to keep a wired or
wireless network connection active at all times. The ifcfg-rh
NetworkManager plug-in is used in Red Hat Enterprise Linux distributions to
read and write configuration information from the
/etc/sysconfig/network-scripts/ifcfg-* files.
An input sanitization flaw was found in the way the ifcfg-rh NetworkManager
plug-in escaped network connection names containing special characters. If
PolicyKit was configured to allow local, unprivileged users to create and
save new network connections, they could create a connection with a
specially-crafted name, leading to the escalation of their privileges.
Note: By default, PolicyKit prevents unprivileged users from creating and
saving network connections. (CVE-2011-3364)
Red Hat would like to thank Matt McCutchen for reporting this issue.
Users of NetworkManager should upgrade to these updated packages, which
contain a backported patch to correct this issue. Running instances of
NetworkManager must be restarted (“service NetworkManager restart”) for
this update to take effect.
—
SL6
x86_64
NetworkManager-0.8.1-9.el6_1.3.x86_64.rpm
NetworkManager-devel-0.8.1-9.el6_1.3.i686.rpm
NetworkManager-devel-0.8.1-9.el6_1.3.x86_64.rpm
NetworkManager-glib-0.8.1-9.el6_1.3.i686.rpm
NetworkManager-glib-0.8.1-9.el6_1.3.x86_64.rpm
NetworkManager-glib-devel-0.8.1-9.el6_1.3.i686.rpm
NetworkManager-glib-devel-0.8.1-9.el6_1.3.x86_64.rpm
NetworkManager-gnome-0.8.1-9.el6_1.3.x86_64.rpm
i386
NetworkManager-0.8.1-9.el6_1.3.i686.rpm
NetworkManager-devel-0.8.1-9.el6_1.3.i686.rpm
NetworkManager-glib-0.8.1-9.el6_1.3.i686.rpm
NetworkManager-glib-devel-0.8.1-9.el6_1.3.i686.rpm
NetworkManager-gnome-0.8.1-9.el6_1.3.i686.rpm
– Scientific Linux Development Team
