CVE-2016-3698 (debian_linux, enterprise_linux_desktop, enterprise_linux_hpc_node, enterprise_linux_hpc_node_eus, enterprise_linux_server, enterprise_linux_server_aus, enterprise_linux_server_eus, enterprise_linux_workstation, libndp, ubuntu_linux)
libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.