Flaw in NetworkManager Affects System Availability
CVE-2021-20297

5.5MEDIUM

Key Information:

Vendor: Gnome
Status: Networkmanager
Vendor: CVE Published:; 26 May 2021

Summary

A vulnerability in the NetworkManager software allows attackers to set the match.path and activate a profile, resulting in a crash of the NetworkManager service. This flaw can significantly disrupt system availability, which makes it critical to address in systems utilizing versions prior to 1.30.0.

Affected Version(s)

NetworkManager NetworkManager 1.30.0

References

https://bugzilla.redhat.com/show_bug.cgi?id=1943282

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 26, 2021
Vulnerability Reserved
Dec 17, 2020