Flaw in NetworkManager Affects System Availability
CVE-2021-20297

5.5MEDIUM

Key Information:

Vendor: Gnome
Status: Networkmanager
Vendor: CVE Published:; 26 May 2021

What is CVE-2021-20297?

A vulnerability in the NetworkManager software allows attackers to set the match.path and activate a profile, resulting in a crash of the NetworkManager service. This flaw can significantly disrupt system availability, which makes it critical to address in systems utilizing versions prior to 1.30.0.

Affected Version(s)

NetworkManager NetworkManager 1.30.0

References

https://bugzilla.redhat.com/show_bug.cgi?id=1943282

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 26, 2021
Vulnerability Reserved
Dec 17, 2020

JSON

Gnome

What is CVE-2021-20297?

Affected Version(s)

References

CVSS V3.1

Timeline