VARIoT IoT vulnerabilities database


VAR-201704-1558 CVE-2017-6975 Apple iOS Vulnerable to buffer overflow
CVSS V2: 7.2
CVSS V3: 6.8
Severity: MEDIUM
Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack buffer overflow exploitation via a crafted access point. NOTE: because an operating system could potentially isolate itself from CVE-2017-6956 exploitation without patching Broadcom firmware functions, there is a separate CVE ID for the operating-system behavior. Apple iOS is prone to an arbitrary code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Versions prior to iOS 10.3.1 are vulnerable. Apple iOS is an operating system developed by Apple for mobile devices. Wi-Fi is one of the wireless Internet access components.

CVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team

WebKit
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
CVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team
CVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative
CVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech
CVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative
CVE-2019-8586: an anonymous researcher
CVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative
CVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security & Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab
CVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative
CVE-2019-8596: Wen Xu of SSLab at Georgia Tech
CVE-2019-8597: 01 working with Trend Micro Zero Day Initiative
CVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative
CVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative
CVE-2019-8609: Wen Xu of SSLab, Georgia Tech
CVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative
CVE-2019-8611: Samuel Groß of Google Project Zero
CVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative
CVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab
CVE-2019-8622: Samuel Groß of Google Project Zero
CVE-2019-8623: Samuel Groß of Google Project Zero
CVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab

Additional recognition

Safari
We would like to acknowledge Michael Ball of Gradescope by Turnitin for their assistance.

Installation note: Safari 12.1.1 may be obtained from the Mac App Store.

APPLE-SA-2017-04-03-1 iOS 10.3.1

iOS 10.3.1 is now available and addresses the following:

Wi-Fi
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip
Description: A stack buffer overflow was addressed through improved input validation.
CVE-2017-6975: Gal Beniamini of Google Project Zero

Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/

iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule.
When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "10.3.1". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
Broadcom: Stack buffer overflow when handling 802.11r (FT) authentication response CVE-2017-6975 Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing.
These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS.

In order to allow fast roaming between access points in a wireless network, the Broadcom firmware supports the Fast BSS Transition feature (IEEE 802.11r-2008 FT), allowing a client to roam between APs in the same mobility domain.

When a client decides to roam to a different AP in an FT network (in the same mobility domain), they first send an authentication request frame. This frame is either sent to the new AP (in over-the-air FT) or to the original AP (in over-the-DS FT). The authentication request frame includes the Fast BSS Transition Information Element (FT-IE) specifying the R0 key holder ID (R0KH-ID) corresponding to the roam request.

In response, the AP sends back an authentication response frame, also containing an FT-IE. This FT-IE contains the regular fields (Anonce, Snonce, etc.) but also includes the R0KH-ID and R1KH-ID. This is done by encoding the additional fields as TLVs immediately after the structure of the FT-IE (but still within the bounds of the IE), like so:

    ----------------------------------------------------------------------------
    | FT-IE Tag (55) | FT-IE Length | ... FT-IE Contents ... | Additional TLVs |
    ----------------------------------------------------------------------------
    0                1              2                        84                2 + FT-IE Length

On the BCM4339 SoC with firmware version 6.37.34.40 the authentication response frame for FT roaming is handled by ROM function 0x7B6A4. This function first retrieves the FT-IE. Then, it allocates a heap buffer for it, using the size specified in the IE's length field. The FT-IE is then stored in the allocated buffer, which is subsequently used to extract the R0KH-ID and R1KH-ID fields.

Here is the high-level logic for this function:

    void function_7B6A4(...) {

        //Copying in the FT-IE
        char* ft_ie = bcm_parse_tlvs(auth_frame, auth_frame_len, 55);
        unsigned short ft_ie_len = ft_ie[1] + 2;
        char* ft_ie_buffer = malloc(ft_ie_len);
        memcpy(ft_ie_buffer, ft_ie, ft_ie_len);

        //Extracting the embedded IEs in the FT-IE. The size of the
        //FT-IE's fields without the embedded IEs is 84.
        char* ies = ft_ie_buffer + 84;
        int ies_length = ft_ie_len - 84;
        char* r0kh_id = bcm_parse_tlvs(ies, ies_length, 1);
        char* r1kh_id = bcm_parse_tlvs(ies, ies_length, 3);
        memcpy(..., ft_ie + 20, 0x20); //Copying the Anonce
        ...
    }

First, it should be noted that the function erroneously assumes the size of the FT-IE is at least 84. An attacker could include a shorter FT-IE, causing the function to copy 0x20 bytes from (ft_ie + 20), which are stored as the AP's Anonce.

Second, after extracting the R0KH-ID and R1KH-ID fields, the function proceeds to calculate the PTK. To do so, the value of PMK-R0 must first be derived.

According to IEEE 802.11r-2008 - 8.5.1.5.3, the PMK-R0 is derived as follows:

    R0-Key-Data = KDF-384(XXKey, "FT-R0", SSIDlength || SSID || MDID ||
                          R0KHlength || R0KH-ID || S0KH-ID)
    PMK-R0 = L(R0-Key-Data, 0, 256)
    PMK-R0Name-Salt = L(R0-Key-Data, 256, 128)

(see also "wpa_derive_pmk_r0" under https://w1.fi/cgit/hostap/plain/src/common/wpa_common.c)

This calculation is performed by ROM function 0x13C94, which uses the R0KH-ID that was parsed earlier from the FT-IE in the authentication response frame. The function has approximately the following logic:

    void function_13C94(...) {
        char buffer[128];
        ...
        memcpy(buffer, "FT-R0", strlen("FT-R0"));
        buffer += strlen("FT-R0");
        memcpy(buffer, &ssid_length, 1);
        buffer += 1;
        memcpy(buffer, ssid, ssid_length);
        buffer += ssid_length;
        memcpy(buffer, &mdid, 2);
        buffer += 2;
        memcpy(buffer, r0kh_id, r0kh_id_len);
        buffer += r0kh_id_len;
        ...
    }

Where "r0kh_id" is the contents of the R0KH-ID field that was extracted from the FT-IE, and "r0kh_id_len" is the length of the extracted field.

Since the R0KH-ID field's length is not validated, an attacker can include an extremely long field within a crafted FT-IE (specifically, the R0KH-ID's length can be at most MAX_IE_SIZE + IE_HEADER_SIZE - FT_IE_SIZE = 255 + 2 - 84 = 173). This would cause the stack-allocated buffer to be overflown, corrupting the stack with attacker-controlled data.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse without a broadly available patch, then the bug report will automatically become visible to the public.

Found by: laginimaineb
VAR-201704-0573 CVE-2017-5949 Safari Technology Preview Distributed by WebKit of JavaScriptCore Service disruption in (DoS) Vulnerabilities
CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 22, allows remote attackers to cause a denial of service (heap-based out-of-bounds write and application crash) or possibly have unspecified other impact via crafted JavaScript code that triggers access to red-zone memory locations, related to jit/ThunkGenerators.cpp, llint/LowLevelInterpreter32_64.asm, and llint/LowLevelInterpreter64.asm. WebKit is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the affected application, resulting in a denial-of-service condition. Apple Safari Technology Preview is a browser from Apple. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. A security vulnerability exists in JavaScriptCore in WebKit as released in Apple Safari Technology Preview release 22.
VAR-201704-0062 CVE-2016-10222 Safari Technology Preview Distributed by WebKit of JavaScriptCore of runtime/JSONObject.cpp Service disruption in (DoS) Vulnerabilities
CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (segmentation violation and application crash) via crafted JavaScript code that triggers a "type confusion" in the JSON.stringify function. Apple Safari Technology Preview is a browser from Apple. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. A security vulnerability exists in the runtime/JSONObject.cpp file of WebKit's JavaScriptCore in Apple Safari Technology Preview 18.
VAR-201704-0875 CVE-2017-0585 Broadcom Wi-Fi Information disclosure vulnerability in driver
CVSS V2: 2.6
CVSS V3: 4.7
Severity: MEDIUM
An information disclosure vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32475556. References: B-RB#112953. Google Nexus is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain potentially sensitive information. Information obtained may aid in further attacks.
VAR-201704-0874 CVE-2017-0584 Qualcomm Wi-Fi Vulnerability in information disclosure in drivers
CVSS V2: 2.6
CVSS V3: 4.7
Severity: MEDIUM
An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32074353. References: QC-CR#1104731. Google Nexus is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain potentially sensitive information. Information obtained may aid in further attacks.
VAR-201704-0851 CVE-2017-0561 Broadcom Wi-Fi Firmware remote code execution vulnerability
CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. This issue is rated as Critical due to the possibility of remote code execution in the context of the Wi-Fi SoC. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34199105. References: B-RB#110814. Google Android is prone to a remote code-execution vulnerability.
VAR-201704-0892 CVE-2017-0553 Android of libnl Vulnerable to elevation of privilege
CVSS V2: 7.6
CVSS V3: 7.0
Severity: HIGH
An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32342065. NOTE: this issue also exists in the upstream libnl before 3.3.0 library. libnl in Android contains a privilege escalation vulnerability. Attackers can exploit this issue to gain elevated privileges.

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: NetworkManager and libnl3 security, bug fix and enhancement update
Advisory ID: RHSA-2017:2299-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:2299
Issue date: 2017-08-01
CVE Names: CVE-2017-0553
=====================================================================

1. Summary:

An update for NetworkManager, NetworkManager-libreswan, libnl3, and network-manager-applet is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services.

The libnl3 packages contain a convenience library that simplifies using the Linux kernel's Netlink sockets interface for network manipulation.

The following packages have been upgraded to a later upstream version: NetworkManager (1.8.0), network-manager-applet (1.8.0). (BZ#1413312, BZ#1414103, BZ#1441621)

Security Fix(es) in the libnl3 component:

* An integer overflow leading to a heap-buffer overflow was found in the libnl library. (CVE-2017-0553)

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1231526 - nmcli slow with large numbers of VLANs
1256822 - [RFE] support ipv6 shared connections
1312359 - activating vlan on virtual device fails with: failed to determine interface name: error determine name for vlan
1344303 - hostnamectl set-hostname over-writes existing resolv.conf entries
1348198 - [RFE] cannot easily change active_slave
1349266 - NetworkManager adds extra options while bonding mode=6, which causes extra warning
1351263 - [review] lr/cli-ask-rh1351263: [RFE] allow passing -a to the end of nmcli command
1360386 - bond slaves of master which is slave of a bridge are sometimes not activated in installer
1367752 - startin team slave when master has invalid json config leads to infinite connecting state
1368353 - [NMCI] [abrt] [faf] NetworkManager: g_object_get_property(): /usr/bin/nmcli killed by 11
1369008 - Once NetworkManager is stopped, the ifcfg files it created via nmtui\cockpit are incompatible with initscripts, since MASTER=UUID instead of MASTER=device_name
1369380 - NetworkManager.service ignores commented 'ONBOOT=no # comment' lines in ifcfg
1369716 - Checkpoint/rollback improvements
1371126 - layer 2-only device is taken down when NetworkManager stops
1371433 - [RFE] Directly instruct NM to avoid controlling and monitoring a device.
1376199 - stalled eth1.80 vlan after restart and connection delete
1378418 - vlan device is down and lost ip once stopping NetworkManager
1380165 - [NMCI] just last address specified in novice mode is written into profile
1384937 - [NMCI] team activation timeout with incorrect setup
1386106 - NM fails to detect Red Hat VPN after first login
1388286 - Incorrect MAC address set on em1 after interface renaming
1388613 - [RFE] Allow setting the MTU of mobile broadband connections in NetworkManager
1391170 - nmcli should show output in non-pretty-printed form for parsing
1391477 - [bug] ifcfg-rh plugin fails to re-read valid connection 802-1x connection
1393853 - [NMCI] add team fails after clean install, NM service restart helps
1393997 - nmcli duplicates a connection after a NetworkManager restart if DHCP_HOSTNAME is defined
1394334 - [RFE] Improve NetworkManager error handling
1394344 - [RFE] Improve Multihoming
1394345 - [RFE] Per-device connection checks
1394500 - NetworkManager doesn't honor ip address order
1394579 - improve handling of unmanaged/assumed devices
1398932 - [RFE] Create dummy-based connection
1398934 - [RFE] Recognize SRIOV PF and set its num_vfs
1404148 - NetworkManager assertion failure
1404594 - [RFE] Export DNS configuration via D-Bus
1404598 - [RFE] Split NetworkManager PPP support into a separate package
1405431 - NM changes /etc/resolv.conf even though there is PEERDNS=no in ifcfg-* files
1413312 - Fix default behavior for cloned-mac-address with rebase in rhel-7.4 after upstream change
1414103 - rebase NetworkManager package to new upstream version 1.8.x in rhel-7.4
1420244 - [abrt] [faf] NetworkManager: __strchr_sse42(): /usr/sbin/NetworkManager killed by 11
1420708 - Stable bond slaves ordering based on the device name
1421019 - platform-linux: kernel support for IFLA_INET6_ADDR_GEN_MODE failed to detect; assume no support
1421429 - [RFE] Connection profile user data
1422610 - NM changes hostname to localhost.localdomain even though no devices are managed by it
1422786 - make insufficient permission errors more visible (especially in connection down)
1423490 - [dns] change behavior for rc-manager=symlink to keep /etc/resolv.conf as regular file instead of symlink
1424641 - Team MAC address changes after reboot or a down/up cycle
1425409 - add MASTER=dev when creating bond directly with slaves in nmtui
1425818 - [abrt] [faf] NetworkManager: unknown function(): /usr/sbin/NetworkManager killed by 5
1426748 - NM changes /etc/resolv.conf even though there is PEERDNS=no in ifcfg-* files part 2
1427482 - NetworkManager doesn't see vlan team-slaves after reboot
1432251 - [abrt] [faf] NetworkManager: raise(): /usr/sbin/NetworkManager killed by 5
1433303 - NetworkManager leaks NMDevice objects for enslaved veth devices
1433883 - [NMCI] nmcli connection down broken
1434317 - Some buttons miss mnemonic character in nm-connection-editor tool
1434555 - Better handling of bonds with TYPE=Ethernet
1436600 - [NMCI] [abrt] [faf] NetworkManager: check_activated(): /usr/bin/nmcli killed by 11
1436601 - [NMCI] [abrt] [faf] NetworkManager: g_logv(): /usr/sbin/NetworkManager killed by 5
1436602 - [NMCI] [abrt] [faf] NetworkManager: g_logv(): /usr/sbin/NetworkManager killed by 5
1436770 - NetworkManager service restart is required after FirewallD package installation to get active zone
1436978 - [abrt] [faf] NetworkManager: raise(): /usr/sbin/NetworkManager killed by 5
1436990 - [NMCI] bring down connection with id exits with incorrect value
1436993 - [NMCI] nmcli segfault when entering editor for new connection
1437438 - [NMCI] [abrt] [faf] NetworkManager: unknown function(): /usr/bin/nmcli killed by 11
1439118 - NetworkManager wrongly manages veth devices [rhel-7.4-alpha only]
1440077 - [NMCI] [abrt] [faf] NetworkManager: _g_log_abort(): /usr/sbin/NetworkManager killed by 5
1440087 - [NMCI] [abrt] [faf] NetworkManager: unknown function(): /usr/sbin/NetworkManager killed by 5
1440089 - [NMCI] [abrt] [faf] NetworkManager: unknown function(): /usr/sbin/NetworkManager killed by 6
1440090 - [NMCI] [abrt] [faf] NetworkManager: unknown function(): /usr/sbin/NetworkManager killed by 11
1440171 - [NMCI] wireless device unmanaged after clean install
1440623 - [NMCI] [abrt] [faf] NetworkManager: g_logv(): /usr/sbin/NetworkManager killed by 5
1440788 - CVE-2017-0553 libnl: Integer overflow in nlmsg_reserve()
1440957 - nmcli connection edit interactive is not working for bond-slave
1442064 - [NMCI] [abrt] [faf] NetworkManager: unknown function(): /usr/sbin/NetworkManager killed by 5
1443437 - Cannot send FQDN as DHCP client Host Name (Option 12)
1443878 - changes in NM assuming of devices causing regressions in Anaconda
1444374 - [NMCI] [abrt] [faf] NetworkManager: _g_log_abort(): /usr/sbin/NetworkManager killed by 5
1445414 - ifcfg: try to stay compatible with pykickstart
1446367 - New IPv6 DAD support lets activation without carrier hang indefinitely
1448165 - NetworkManager does not track ip configurations on managed, inactive devices
1448907 - [abrt] [faf] NetworkManager: g_logv(): /usr/sbin/NetworkManager killed by 5
1448987 - NM does not use new route when adding host route for DHCP server
1449296 - Connectivity checking timeout=0 does not disable connectivity checking
1450444 - NM wrongly delays startup complete with 'carrier wait'
1450459 - backport fix for possible crash in proxy code "nm-pacrunner-manacer.c"
1452062 - [NMCI] vlan_over_no_L3_bond_restart_persistence failed
1452585 - Preserve the old behavior of ordering slaves by ifindex by default
1452648 - (null) in old route syntaxt after calling nmcli modify ipv4.routes
1454385 - Bluetooth NAP doesn't work
1456362 - nmcli crashes when setting the 802-1x.password-raw property
1456826 - tui: fix crash during nmtui-connect
1456911 - Fix checking for valid VLan ID in NetworkManager connection
1457242 - manually added IPv6 route is removed when NM is running
1457909 - [NMCI] nm doesn't match bond connection and a device
1458399 - periodic connectivity checking broken in 1.8 (needs backport)
1458567 - nm-connection-editor crashes when editing an Ethernet connection with 802.1X security
1459579 - [abrt] [faf] NetworkManager: unknown function(): /usr/sbin/NetworkManager killed by 5
1459580 - [abrt] [faf] NetworkManager: unknown function(): /usr/sbin/NetworkManager killed by 5
1459604 - Failed assertion in NetworkManager when removing WWAN modem
1459813 - [NMCI] ipv4_keep_external_addresses failed
1459932 - NetworkManager: connectivity check fails on WWAN interface
1460219 - long device name is cut in nmcli summary
1460527 - Spurious device name in the output of nmcli device wifi subcommands
1460760 - Virtio-net interface MTU overwritten to 1500 bytes

6. Package List:
NetworkManager-libreswan-1.2.4-2.el7.x86_64.rpm NetworkManager-libreswan-debuginfo-1.2.4-2.el7.x86_64.rpm NetworkManager-libreswan-gnome-1.2.4-2.el7.x86_64.rpm NetworkManager-ppp-1.8.0-9.el7.x86_64.rpm NetworkManager-team-1.8.0-9.el7.x86_64.rpm NetworkManager-tui-1.8.0-9.el7.x86_64.rpm NetworkManager-wifi-1.8.0-9.el7.x86_64.rpm NetworkManager-wwan-1.8.0-9.el7.x86_64.rpm libnl3-3.2.28-4.el7.i686.rpm libnl3-3.2.28-4.el7.x86_64.rpm libnl3-cli-3.2.28-4.el7.i686.rpm libnl3-cli-3.2.28-4.el7.x86_64.rpm libnl3-debuginfo-3.2.28-4.el7.i686.rpm libnl3-debuginfo-3.2.28-4.el7.x86_64.rpm libnm-gtk-1.8.0-3.el7.i686.rpm libnm-gtk-1.8.0-3.el7.x86_64.rpm libnma-1.8.0-3.el7.i686.rpm libnma-1.8.0-3.el7.x86_64.rpm network-manager-applet-debuginfo-1.8.0-3.el7.i686.rpm network-manager-applet-debuginfo-1.8.0-3.el7.x86_64.rpm nm-connection-editor-1.8.0-3.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): aarch64: NetworkManager-debuginfo-1.8.0-9.el7.aarch64.rpm NetworkManager-glib-devel-1.8.0-9.el7.aarch64.rpm NetworkManager-libnm-devel-1.8.0-9.el7.aarch64.rpm libnl3-debuginfo-3.2.28-4.el7.aarch64.rpm libnl3-devel-3.2.28-4.el7.aarch64.rpm libnl3-doc-3.2.28-4.el7.aarch64.rpm libnm-gtk-devel-1.8.0-3.el7.aarch64.rpm libnma-devel-1.8.0-3.el7.aarch64.rpm network-manager-applet-1.8.0-3.el7.aarch64.rpm network-manager-applet-debuginfo-1.8.0-3.el7.aarch64.rpm noarch: NetworkManager-dispatcher-routing-rules-1.8.0-9.el7.noarch.rpm ppc64: NetworkManager-debuginfo-1.8.0-9.el7.ppc.rpm NetworkManager-debuginfo-1.8.0-9.el7.ppc64.rpm NetworkManager-glib-devel-1.8.0-9.el7.ppc.rpm NetworkManager-glib-devel-1.8.0-9.el7.ppc64.rpm NetworkManager-libnm-devel-1.8.0-9.el7.ppc.rpm NetworkManager-libnm-devel-1.8.0-9.el7.ppc64.rpm libnl3-debuginfo-3.2.28-4.el7.ppc.rpm libnl3-debuginfo-3.2.28-4.el7.ppc64.rpm libnl3-devel-3.2.28-4.el7.ppc.rpm libnl3-devel-3.2.28-4.el7.ppc64.rpm libnl3-doc-3.2.28-4.el7.ppc64.rpm libnm-gtk-devel-1.8.0-3.el7.ppc.rpm libnm-gtk-devel-1.8.0-3.el7.ppc64.rpm 
libnma-devel-1.8.0-3.el7.ppc.rpm libnma-devel-1.8.0-3.el7.ppc64.rpm network-manager-applet-1.8.0-3.el7.ppc64.rpm network-manager-applet-debuginfo-1.8.0-3.el7.ppc.rpm network-manager-applet-debuginfo-1.8.0-3.el7.ppc64.rpm ppc64le: NetworkManager-debuginfo-1.8.0-9.el7.ppc64le.rpm NetworkManager-glib-devel-1.8.0-9.el7.ppc64le.rpm NetworkManager-libnm-devel-1.8.0-9.el7.ppc64le.rpm libnl3-debuginfo-3.2.28-4.el7.ppc64le.rpm libnl3-devel-3.2.28-4.el7.ppc64le.rpm libnl3-doc-3.2.28-4.el7.ppc64le.rpm libnm-gtk-devel-1.8.0-3.el7.ppc64le.rpm libnma-devel-1.8.0-3.el7.ppc64le.rpm network-manager-applet-1.8.0-3.el7.ppc64le.rpm network-manager-applet-debuginfo-1.8.0-3.el7.ppc64le.rpm s390x: NetworkManager-adsl-1.8.0-9.el7.s390x.rpm NetworkManager-debuginfo-1.8.0-9.el7.s390.rpm NetworkManager-debuginfo-1.8.0-9.el7.s390x.rpm NetworkManager-glib-devel-1.8.0-9.el7.s390.rpm NetworkManager-glib-devel-1.8.0-9.el7.s390x.rpm NetworkManager-libnm-devel-1.8.0-9.el7.s390.rpm NetworkManager-libnm-devel-1.8.0-9.el7.s390x.rpm libnl3-debuginfo-3.2.28-4.el7.s390.rpm libnl3-debuginfo-3.2.28-4.el7.s390x.rpm libnl3-devel-3.2.28-4.el7.s390.rpm libnl3-devel-3.2.28-4.el7.s390x.rpm libnl3-doc-3.2.28-4.el7.s390x.rpm libnm-gtk-devel-1.8.0-3.el7.s390.rpm libnm-gtk-devel-1.8.0-3.el7.s390x.rpm libnma-devel-1.8.0-3.el7.s390.rpm libnma-devel-1.8.0-3.el7.s390x.rpm network-manager-applet-1.8.0-3.el7.s390x.rpm network-manager-applet-debuginfo-1.8.0-3.el7.s390.rpm network-manager-applet-debuginfo-1.8.0-3.el7.s390x.rpm x86_64: NetworkManager-debuginfo-1.8.0-9.el7.i686.rpm NetworkManager-debuginfo-1.8.0-9.el7.x86_64.rpm NetworkManager-glib-devel-1.8.0-9.el7.i686.rpm NetworkManager-glib-devel-1.8.0-9.el7.x86_64.rpm NetworkManager-libnm-devel-1.8.0-9.el7.i686.rpm NetworkManager-libnm-devel-1.8.0-9.el7.x86_64.rpm libnl3-debuginfo-3.2.28-4.el7.i686.rpm libnl3-debuginfo-3.2.28-4.el7.x86_64.rpm libnl3-devel-3.2.28-4.el7.i686.rpm libnl3-devel-3.2.28-4.el7.x86_64.rpm libnl3-doc-3.2.28-4.el7.x86_64.rpm 
libnm-gtk-devel-1.8.0-3.el7.i686.rpm libnm-gtk-devel-1.8.0-3.el7.x86_64.rpm libnma-devel-1.8.0-3.el7.i686.rpm libnma-devel-1.8.0-3.el7.x86_64.rpm network-manager-applet-1.8.0-3.el7.x86_64.rpm network-manager-applet-debuginfo-1.8.0-3.el7.i686.rpm network-manager-applet-debuginfo-1.8.0-3.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: NetworkManager-1.8.0-9.el7.src.rpm NetworkManager-libreswan-1.2.4-2.el7.src.rpm libnl3-3.2.28-4.el7.src.rpm network-manager-applet-1.8.0-3.el7.src.rpm x86_64: NetworkManager-1.8.0-9.el7.x86_64.rpm NetworkManager-adsl-1.8.0-9.el7.x86_64.rpm NetworkManager-bluetooth-1.8.0-9.el7.x86_64.rpm NetworkManager-debuginfo-1.8.0-9.el7.i686.rpm NetworkManager-debuginfo-1.8.0-9.el7.x86_64.rpm NetworkManager-glib-1.8.0-9.el7.i686.rpm NetworkManager-glib-1.8.0-9.el7.x86_64.rpm NetworkManager-libnm-1.8.0-9.el7.i686.rpm NetworkManager-libnm-1.8.0-9.el7.x86_64.rpm NetworkManager-libreswan-1.2.4-2.el7.x86_64.rpm NetworkManager-libreswan-debuginfo-1.2.4-2.el7.x86_64.rpm NetworkManager-libreswan-gnome-1.2.4-2.el7.x86_64.rpm NetworkManager-ppp-1.8.0-9.el7.x86_64.rpm NetworkManager-team-1.8.0-9.el7.x86_64.rpm NetworkManager-tui-1.8.0-9.el7.x86_64.rpm NetworkManager-wifi-1.8.0-9.el7.x86_64.rpm NetworkManager-wwan-1.8.0-9.el7.x86_64.rpm libnl3-3.2.28-4.el7.i686.rpm libnl3-3.2.28-4.el7.x86_64.rpm libnl3-cli-3.2.28-4.el7.i686.rpm libnl3-cli-3.2.28-4.el7.x86_64.rpm libnl3-debuginfo-3.2.28-4.el7.i686.rpm libnl3-debuginfo-3.2.28-4.el7.x86_64.rpm libnm-gtk-1.8.0-3.el7.i686.rpm libnm-gtk-1.8.0-3.el7.x86_64.rpm libnma-1.8.0-3.el7.i686.rpm libnma-1.8.0-3.el7.x86_64.rpm network-manager-applet-debuginfo-1.8.0-3.el7.i686.rpm network-manager-applet-debuginfo-1.8.0-3.el7.x86_64.rpm nm-connection-editor-1.8.0-3.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 
7): noarch: NetworkManager-config-server-1.8.0-9.el7.noarch.rpm NetworkManager-dispatcher-routing-rules-1.8.0-9.el7.noarch.rpm x86_64: NetworkManager-debuginfo-1.8.0-9.el7.i686.rpm NetworkManager-debuginfo-1.8.0-9.el7.x86_64.rpm NetworkManager-glib-devel-1.8.0-9.el7.i686.rpm NetworkManager-glib-devel-1.8.0-9.el7.x86_64.rpm NetworkManager-libnm-devel-1.8.0-9.el7.i686.rpm NetworkManager-libnm-devel-1.8.0-9.el7.x86_64.rpm libnl3-debuginfo-3.2.28-4.el7.i686.rpm libnl3-debuginfo-3.2.28-4.el7.x86_64.rpm libnl3-devel-3.2.28-4.el7.i686.rpm libnl3-devel-3.2.28-4.el7.x86_64.rpm libnl3-doc-3.2.28-4.el7.x86_64.rpm libnm-gtk-devel-1.8.0-3.el7.i686.rpm libnm-gtk-devel-1.8.0-3.el7.x86_64.rpm libnma-devel-1.8.0-3.el7.i686.rpm libnma-devel-1.8.0-3.el7.x86_64.rpm network-manager-applet-1.8.0-3.el7.x86_64.rpm network-manager-applet-debuginfo-1.8.0-3.el7.i686.rpm network-manager-applet-debuginfo-1.8.0-3.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-0553 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.4_Release_Notes/index.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc.
Ubuntu Security Notice USN-3311-2 June 19, 2017 libnl3 vulnerability A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 ESM Summary: libnl could be made to run programs as an administrator. Software Description: - libnl3: library for dealing with netlink sockets Details: USN-3311-1 fixed a vulnerability in libnl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that libnl incorrectly handled memory when performing certain operations. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM: libnl-3-200 3.2.3-2ubuntu2.1 After a standard system update you need to reboot your computer to make all the necessary changes
VAR-201704-0173 CVE-2015-8670 Huawei LogCenter Input validation vulnerability CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
Huawei LogCenter V100R001C10 could allow an authenticated attacker to add abnormal device information to the log collection module, causing denial of service. Huawei LogCenter contains an input validation vulnerability that may allow a denial-of-service (DoS) attack. Huawei LogCenter is log management software from Huawei of China. A denial-of-service vulnerability exists in Huawei LogCenter V100R001C10. The vulnerability stems from the lack of validity checking of incoming device information data.
VAR-201704-0396 CVE-2015-7844 Huawei FusionAccess Input validation vulnerability in other software CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
Huawei FusionAccess with software V100R005C10 and V100R005C20 could allow attackers to craft and send a malformed HDP protocol packet that causes the virtual cloud desktop to display an error and become unusable. Huawei FusionAccess software contains an input validation vulnerability that may allow a denial-of-service (DoS) attack. Huawei FusionAccess is the desktop management system for Huawei's FusionCloud desktop cloud solution. The system distributes, maintains, and recycles virtual desktops to users through a graphical Portal interface. An input validation vulnerability exists in Huawei FusionAccess V100R005C10 and V100R005C20.
VAR-201704-0448 CVE-2014-9136 Huawei FusionManager software CSRF vulnerability affecting web interface users CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
Huawei FusionManager with software V100R002C03 and V100R003C00 could allow an unauthenticated, remote attacker to conduct a CSRF attack against the user of the web interface. Huawei FusionManager is management software for hardware devices, virtualized resources, and applications, developed by Huawei of China. Cross-site request forgery vulnerabilities exist in Huawei FusionManager V100R002C03 and V100R003C00. A remote attacker could exploit this vulnerability to perform unauthorized operations.
VAR-201704-0435 CVE-2014-3221 Huawei Eudemon8000E Firmware resource management vulnerability CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Huawei Eudemon8000E firewall with software V200R001C01SPC800 and earlier versions allows users to log in to the device using Telnet or SSH. When an attacker sends to the device a mass of TCP packets with special structure, the logging process becomes slow and users may be unable to log in to the device. The Huawei Eudemon8000E firmware contains a resource management vulnerability that may allow a denial-of-service (DoS) attack. Huawei's Eudemon8000E is a new generation of high-performance T-class security gateways for operators. There are security vulnerabilities in Huawei Eudemon8000E V200R001C01SPC800 and previous versions.
VAR-201704-0437 CVE-2014-3223 Data processing vulnerabilities in multiple Huawei products CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
Huawei S9300 with software before V100R006SPH013 and S2300, S3300, S5300, S6300 with software before V100R006SPH010 support Y.1731 and therefore have the Y.1731 vulnerability in processing special packets. The vulnerability causes the restart of switches. Multiple Huawei products contain a data processing vulnerability that may allow a denial-of-service (DoS) attack. The S9300, S2300, S3300, S5300, and S6300 are various types of switches introduced by Huawei. An attacker could exploit this vulnerability to reboot the device. The following products and versions are affected: Huawei S9300 V100R006C00SPC500, V100R006C00SPC800; S2300 V100R006C00SPC800, V100R006C01SPC100, V100R006C03; S3300 V100R006C00SPC800, V100R006C01SPC100, V100R006C03; S5300 V100R006C00SPC800, V100R006C01SPC100, V100R006C03; S6300 V100R006C00SPC800, V100R006C01SPC100, V100R006C03.
VAR-201704-0438 CVE-2014-3224 Huawei Quidway denial-of-service (DoS) vulnerability CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
Huawei Quidway S9700 V200R003C00SPC500, Quidway S9300 V200R003C00SPC500, Quidway S7700 V200R003C00SPC500, Quidway S6700 V200R003C00SPC300, Quidway S6300 V200R003C00SPC300, Quidway S5700 V200R003C00SPC300, Quidway S5300 V200R003C00SPC300 enable attackers to launch DoS attacks by crafting and sending malformed packets to these vulnerable products. The products may be put into a denial-of-service (DoS) state. The Quidway S9700, the Quidway S9300, the Quidway S7700, the Quidway S6700, the Quidway S6300, the Quidway S5700, and the Quidway S5300 are various types of switches. The following products and versions are affected: Huawei Quidway S9700 V200R003C00SPC500; Quidway S9300 V200R003C00SPC500; Quidway S7700 V200R003C00SPC500; Quidway S6700 V200R003C00SPC500; Quidway S6300 V200R003C00SPC500; Quidway S5700 V200R003C00SPC500; Quidway S5300 V200R003C00SPC500.
VAR-201704-0385 CVE-2014-4706 Buffer error vulnerability in multiple Huawei Campus product software CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
Huawei Campus S3700HI with software V200R001C00SPC300; Campus S5700 with software V200R002C00SPC100; Campus S7700 with software V200R003C00SPC300, V200R003C00SPC500; LSW S9700 with software V200R001C00SPC300, V200R003C00SPC300, V200R003C00SPC500; S2350 with software V200R003C00SPC300; S2750 with software V200R003C00SPC300; S5300 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S5700 with software V200R001C00SPC300, V200R003C00SPC300; S6300 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S6700 S3300HI with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S7700 with software V200R001C00SPC300; S9300 with software V200R001C00SPC300, V200R003C00SPC300, V200R003C00SPC500; S9300E with software V200R003C00SPC300, V200R003C00SPC500 allow attackers to keep sending malformed packets to cause a denial of service (DoS) attack, aka a heap overflow. The software of multiple Huawei Campus products contains a buffer error vulnerability that may allow a denial-of-service (DoS) attack. Huawei's Campus switch is a series of switches introduced by Huawei. An attacker can exploit this vulnerability by using malformed packets to cause the device to restart abnormally.
The following products and versions are affected: Huawei Campus S3700HI V200R001C00SPC300 Version; Campus S5700 V200R002C00SPC100 Version; Campus S7700 V200R003C00SPC300 Version, V200R003C00SPC500 Version; LSW S9700 V200R001C00SPC300 Version, V200R003C00SPC300 Version, V200R003C00SPC500 Version; S2350 V200R003C00SPC300 Version; S2750 V200R003C00SPC300 Version; S5300 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version; S5700 V200R001C00SPC300 Version, V200R003C00SPC300 Version; S6300 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version; S6700 S3300HI V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version; S7700 V200R001C00SPC300 Version; S9300 V200R001C00SPC300 Version, V200R003C00SPC300 Version, V200R003C00SPC500 Version; S9300E V200R003C00SPC300 Version, V200R003C00SPC500 Version
VAR-201704-0386 CVE-2014-4707 Access control vulnerability in multiple Huawei Campus product software CVSS V2: 7.5
CVSS V3: 8.8
Severity: HIGH
Huawei Campus S7700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9300 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300 allow unauthorized users to upgrade the bootrom or bootload software, bypass a Menu protection mechanism, conduct a Menu compromise attack, or bypass a Menu/upgrade protection mechanism. Huawei Campus S7700, S9300 and S9700 software contains an access control vulnerability. Information may be obtained or altered, and a denial-of-service (DoS) attack may be carried out. Huawei Campus S7700 is an enterprise-class campus switch from Huawei of China. There are security vulnerabilities in Huawei's Campus S7700, S9300, and S9700 switches. The following products and versions are affected: Huawei S7700 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version; S9300 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version; S9700 V200R001C00SPC300 Version, V200R002C00SPC100 Version, V200R003C00SPC300 Version
VAR-201704-0464 CVE-2014-8570 Vulnerability in multiple Huawei product software that could lead to device IP address disclosure CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
Huawei S9300, S9303, S9306, S9312 with software V100R002; S7700, S7703, S7706, S7712 with software V100R003, V100R006, V200R001, V200R002, V200R003, V200R005; S9300E, S9303E, S9306E, S9312E with software V200R001; S9700, S9703, S9706, S9712 with software V200R002, V200R003, V200R005; S12708, S12712 with software V200R005; 5700HI, 5300HI with software V100R006, V200R001, V200R002, V200R003, V200R005; 5710EI, 5310EI with software V200R002, V200R003, V200R005; 5710HI, 5310HI with software V200R003, V200R005; 6700EI, 6300EI with software V200R005 could cause a leak of IP addresses of devices, related to unintended interface support for VRP MPLS LSP Ping. Huawei S9300 and other Huawei S series switches are Huawei. An information disclosure vulnerability exists in several Huawei switches that use the VRP platform. The Huawei S9300 and others are all S-series switches of China's Huawei (Huawei). The following products and versions are affected: Huawei S300 V100R002 version, V100R003 version, V100R006 version, V200R001 version, V200R002 version, V200R003 version; S9303 V100R002 version, V100R003 version, V200R001 version, V200R003 version; V100R003 Version, V100R006 Version, V200R001 Version, V200R002 Version, V200R003 Version; S9312 V100R002 Version, V100R003 Version, V100R006 Version, V200R001 Version, V200R002 Version, V200R003 Version; S7700 V100R002 Version, V100R003 Version, V100R006 Version, V200R001 Version, V200R002 Version, V200R003 Version; S7703 V100R002 Version, V100R003 Version, V100R006 Version, V200R001 Version, V200R002 Version, V200R003 Version; S7706 V100R002 Version, V100R003 Version, V100R006 Version, V200R001 Version, V200R002 Version, V200R003 Version; S7712 V100R002 Version, V100R003 Version, V100R006 Version, V200R001 Version, V200R002 Version, V200R003 Version; S9300E V200R001 Version, V200R002 Version, V200R003 Version, V200R005 Version; S9303E V200R001 Version, V200R002 Version, V200R003 Version, V200R005 Version; S9306E V200R001 Version, 
V200R002 Version, V200R003 Version, V200R005 Version; S9312E
VAR-201704-0462 CVE-2014-8571 Huawei Ascend P6 Vulnerabilities related to authorization, authority, and access control in mobile phone applications CVSS V2: 4.3
CVSS V3: 3.3
Severity: LOW
Apps on Huawei Ascend P6 mobile phones with software EDGE-U00 V100R001C17B508SP01 and earlier versions before V100R001C17B508SP02; EDGE-T00 V100R001C01B508SP01 and earlier versions before V100R001C01B508SP02; EDGE-C00 V100R001C92B508SP02 and earlier versions before V100R001C92B508SP03 can capture screens without the root permission. As a result, user information can be leaked by malware on Ascend P6 mobile phones. The Huawei P6 is a smartphone from Huawei of China. The EDGE-U00, EDGE-T00 and EDGE-C00 are all versions of it. The Huawei P6 has a privilege escalation vulnerability. An attacker can use this vulnerability to perform a screen capture operation, causing user information to leak.
VAR-201704-0449 CVE-2014-9137 CSRF vulnerability affecting web interface users in multiple Huawei USG products CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
Huawei USG9500 with software V200R001C01SPC800 and earlier versions, V300R001C00; USG2100 with software V300R001C00SPC900 and earlier versions; USG2200 with software V300R001C00SPC900; USG5100 with software V300R001C00SPC900 could allow an unauthenticated, remote attacker to conduct a CSRF attack against the user of the web interface. Huawei USG9500 is a firewall product from Huawei of China. A cross-site request forgery vulnerability exists in several Huawei firewall USG series products. A remote attacker could exploit this vulnerability to perform unauthorized operations. The following products and versions are affected: Huawei USG9500 V200R001C01SPC800 and previous versions, V300R001C00 Version; USG2100 V300R001C00SPC900 and previous versions; USG2200 V300R001C00SPC900 and previous versions; USG5100 V300R001C00SPC900 and previous versions; USG5500 V300R001C00SPC900 and previous versions
VAR-201704-0467 CVE-2014-9690 Huawei WS318 firmware PRNG insufficient entropy vulnerability CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Huawei home gateways WS318 with software V100R001C01B022 and earlier versions are affected by the PIN offline brute force cracking vulnerability of the WPS protocol because the random number generator (RNG) used in the supplier's solution is not random enough. As a result, brute force cracking the PIN code is easier. After an attacker cracks the PIN, the attacker can access the Internet via the cracked device. The Huawei WS318 firmware contains a PRNG insufficient entropy vulnerability. Information may be obtained. Huawei WS318 is a wireless router product from Huawei of China. A security vulnerability exists in Huawei WS318 V100R001C01B022 and previous versions.
VAR-201704-0468 CVE-2014-9691 Information disclosure vulnerability in multiple Huawei Tecal products CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285 V2 V100R002C00SPC115 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285H V2 V100R002C00SPC111 and earlier versions, Tecal RH2268 V2 V100R002C00, Tecal RH2288 V2 V100R002C00SPC117 and earlier versions, Tecal RH2288H V2 V100R002C00SPC115 and earlier versions, Tecal RH2485 V2 V100R002C00SPC502 and earlier versions, Tecal RH5885 V2 V100R001C02SPC109 and earlier versions, Tecal RH5885 V3 V100R003C01SPC102 and earlier versions, Tecal RH5885H V3 V100R003C00SPC102 and earlier versions, Tecal XH310 V2 V100R001C00SPC110 and earlier versions, Tecal XH311 V2 V100R001C00SPC110 and earlier versions, Tecal XH320 V2 V100R001C00SPC110 and earlier versions, Tecal XH621 V2 V100R001C00SPC106 and earlier versions, Tecal DH310 V2 V100R001C00SPC110 and earlier versions, Tecal DH320 V2 V100R001C00SPC106 and earlier versions, Tecal DH620 V2 V100R001C00SPC106 and earlier versions, Tecal DH621 V2 V100R001C00SPC107 and earlier versions, Tecal DH628 V2 V100R001C00SPC107 and earlier versions, Tecal BH620 V2 V100R002C00SPC107 and earlier versions, Tecal BH621 V2 V100R002C00SPC106 and earlier versions, Tecal BH622 V2 V100R002C00SPC110 and earlier versions, Tecal BH640 V2 V100R002C00SPC108 and earlier versions, Tecal CH121 V100R001C00SPC180 and earlier versions, Tecal CH140 V100R001C00SPC110 and earlier versions, Tecal CH220 V100R001C00SPC180 and earlier versions, Tecal CH221 V100R001C00SPC180 and earlier versions, Tecal CH222 V100R002C00SPC180 and earlier versions, Tecal CH240 V100R001C00SPC180 and earlier versions, Tecal CH242 V100R001C00SPC180 and earlier versions, Tecal CH242 V3 V100R001C00SPC110 and earlier versions could allow users who log in to the products to view the session IDs of all online users on the Online Users page of the web UI. Multiple Huawei Tecal products contain an information disclosure vulnerability. Information may be obtained.
Huawei Tecal RH1288 V2 is a server from Huawei of China. An attacker could use this vulnerability to view the session IDs of all online users on the web UI's Online Users page. Huawei Tecal RH1288 V2 and the others are all servers from the Chinese company Huawei.