Bug 1184433 (CVE-2021-20297) - VUL-0: CVE-2021-20297: NetworkManager: fix crash in nm_wildcard_match_check()
Summary: VUL-0: CVE-2021-20297: NetworkManager: fix crash in nm_wildcard_match_check()
Status: RESOLVED FIXED
Alias: CVE-2021-20297
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/280765/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-04-07 08:55 UTC by Alexander Bergmann
Modified: 2024-05-23 15:32 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Alexander Bergmann 2021-04-07 08:59:07 UTC 
The code in question was introduced via 

commit 824ad6275df1f00daa57a002c46a87257ef218a2

and is only present since version 1.27.1.

git describe --contains 824ad6275d
1.27.1-dev^2~74^2

SUSE:SLE-15-SP2 NetworkManager-1.22.10
openSUSE:Leap:15.2 NetworkManager-1.22.10

Only Factory is affected:

openSUSE:Factory NetworkManager-1.30.0
Comment 2 Jonathan Kang 2021-06-02 08:09:42 UTC 
NetworkManager in openSUSE:Factory has been updated to version 1.30.4 which
contains the fix for this.

Reassigning to security team.
Comment 3 Andrea Mattiazzo 2024-05-23 15:32:19 UTC 
All done, closing.