Debian Linux Security Advisory 3581-1 - Julien Bernard discovered that libndp, a library for the IPv6 Neighbor Discovery Protocol, does not properly perform input and origin checks during the reception of a NDP message. An attacker in a non-local network could use this flaw to advertise a node as a router, and cause a denial of service attack, or act as a man-in-the-middle.
affa5c2647200287ee20023cbd0d5822a09944b8e4e426c1e6c7ff0c0709d1b0
Red Hat Security Advisory 2016-1086-01 - Libndp is a library that provides a wrapper for the IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for sending and receiving NDP messages. Security Fix: It was found that libndp did not properly validate and check the origin of Neighbor Discovery Protocol messages. An attacker on a non-local network could use this flaw to advertise a node as a router, allowing them to perform man-in-the-middle attacks on a connecting client, or disrupt the network connectivity of that client.
8355924f316a3a290f7093136170ead8bd279f1e0739e79b02189dd1b7f3e2bd
Ubuntu Security Notice 2980-1 - Julien Bernard discovered that libndp incorrectly performed origin checks when receiving Neighbor Discovery Protocol (NDP) messages. A remote attacker outside of the local network could use this issue to advertise a node as a router, causing a denial of service, or possibly to act as a man in the middle.
fd80dfb5e75a446fbe7f7256ff55473acd17f98dda4e3e20e1cfdab2bede7e5d