Fluid Attacks Database

Description

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	network-manager	=1.42.4-1 \|\| =1.42.4-1+deb12u1 \|\| =1.42.6-1 \|\| =1.42.6-2 \|\| =1.42.8-1 \|\| =1.44.0-1 \|\| =1.44.2-1 \|\| =1.44.2-2 \|\| =1.44.2-3 \|\| =1.44.2-4 \|\| =1.44.2-5 \|\| =1.44.2-6 \|\| =1.44.2-7 \|\| =1.45.90-1 \|\| =1.45.91-1 \|\| =1.46.0-1 \|\| =1.46.0-2 \|\| =1.47.90-1 \|\| =1.47.90-2 \|\| =1.47.91-1 \|\| =1.48.0-1 \|\| =1.48.10-1 \|\| =1.48.2-1 \|\| =1.48.4-1 \|\| =1.48.6-1 \|\| =1.48.8-1 \|\| =1.49.90-1 \|\| =1.49.90-2 \|\| =1.49.91-1 \|\| =1.50.0-1 \|\| =1.50.1-1 \|\| =1.50.2-1 \|\| =1.50.3-1 \|\| =1.51.90-1 \|\| =1.52.0-1 \|\| =1.52.0-2 \|\| =1.52.0-3 \|\| =1.52.0-4 \|\| =1.52.0-5 \|\| =1.52.0-6 \|\| =1.52.1-1 \|\| =1.54.0-1 \|\| =1.54.0-2 \|\| =1.54.0-3 \|\| =1.54.0-4 \|\| =1.54.1-1 \|\| =1.54.2-1 \|\| =1.54.2-2 \|\| =1.54.2-3 \|\| =1.54.3-1 \|\| =1.54.3-2 \|\| =1.56.0-1 \|\| =1.56.0-2 \|\| =1.56.0-3 \|\| =1.56.0-4 \|\| =1.56.0-5 \|\| =1.56.0-6	-
debian 13	network-manager	=1.52.1-1 \|\| =1.54.0-1 \|\| =1.54.0-2 \|\| =1.54.0-3 \|\| =1.54.0-4 \|\| =1.54.1-1 \|\| =1.54.2-1 \|\| =1.54.2-2 \|\| =1.54.2-3 \|\| =1.54.3-1 \|\| =1.54.3-2 \|\| =1.56.0-1 \|\| =1.56.0-2 \|\| =1.56.0-3 \|\| =1.56.0-4 \|\| =1.56.0-5 \|\| =1.56.0-6	-
debian 14	network-manager	=1.52.1-1 \|\| =1.54.0-1 \|\| =1.54.0-2 \|\| =1.54.0-3 \|\| =1.54.0-4 \|\| =1.54.1-1 \|\| =1.54.2-1 \|\| =1.54.2-2 \|\| =1.54.2-3 \|\| >=0 <1.54.3-1	1.54.3-1
debian 11	network-manager	=1.30.0-2 \|\| =1.30.6-1 \|\| =1.30.6-1+deb11u1 \|\| =1.32.12-1 \|\| =1.34.0-1 \|\| =1.34.0-2 \|\| =1.35.91-1 \|\| =1.35.92-1 \|\| =1.36.0-1 \|\| =1.36.0-2 \|\| =1.36.2-1 \|\| =1.36.4-1 \|\| =1.36.4-2 \|\| =1.37.92-1 \|\| =1.37.92-1~bpo11+1 \|\| =1.38.0-1 \|\| =1.38.0-2 \|\| =1.38.0-2~bpo11+1 \|\| =1.38.2-1 \|\| =1.38.4-1 \|\| =1.38.4-1~bpo11+1 \|\| =1.39.90-1 \|\| =1.39.90-2 \|\| =1.40.0-1 \|\| =1.40.0-1~bpo11+1 \|\| =1.40.10-1 \|\| =1.40.12-1 \|\| =1.40.12-1~bpo11+1 \|\| =1.40.2-1 \|\| =1.40.4-1 \|\| =1.40.6-1 \|\| =1.40.6-1~bpo11+1 \|\| =1.40.8-1 \|\| =1.40.8-1~bpo11+1 \|\| =1.42.0-1 \|\| =1.42.2-1 \|\| =1.42.2-2 \|\| =1.42.4-1 \|\| =1.42.4-1~bpo11+1 \|\| =1.42.6-1 \|\| =1.42.6-2 \|\| =1.42.8-1 \|\| =1.44.0-1 \|\| =1.44.2-1 \|\| =1.44.2-2 \|\| =1.44.2-3 \|\| =1.44.2-4 \|\| =1.44.2-5 \|\| =1.44.2-6 \|\| =1.44.2-7 \|\| =1.45.90-1 \|\| =1.45.91-1 \|\| =1.46.0-1 \|\| =1.46.0-2 \|\| =1.47.90-1 \|\| =1.47.90-2 \|\| =1.47.91-1 \|\| =1.48.0-1 \|\| =1.48.10-1 \|\| =1.48.2-1 \|\| =1.48.4-1 \|\| =1.48.6-1 \|\| =1.48.8-1 \|\| =1.49.90-1 \|\| =1.49.90-2 \|\| =1.49.91-1 \|\| =1.50.0-1 \|\| =1.50.1-1 \|\| =1.50.2-1 \|\| =1.50.3-1 \|\| =1.51.90-1 \|\| =1.52.0-1 \|\| =1.52.0-2 \|\| =1.52.0-3 \|\| =1.52.0-4 \|\| =1.52.0-5 \|\| =1.52.0-6 \|\| =1.52.1-1 \|\| =1.54.0-1 \|\| =1.54.0-2 \|\| =1.54.0-3 \|\| =1.54.0-4 \|\| =1.54.1-1 \|\| =1.54.2-1 \|\| =1.54.2-2 \|\| =1.54.2-3 \|\| =1.54.3-1 \|\| =1.54.3-2 \|\| =1.56.0-1 \|\| =1.56.0-2 \|\| =1.56.0-3 \|\| =1.56.0-4 \|\| =1.56.0-5 \|\| =1.56.0-6	-
rpm rhel7	NetworkManager	-	-
rpm rhel6	NetworkManager	-	-
rpm rhel10	NetworkManager	<1:1.56.0-1.el10	1:1.56.0-1.el10
rpm rhel8	NetworkManager	-	-
rpm rhel9	NetworkManager	<1:1.54.3-2.el9	1:1.54.3-2.el9

Aliases

1. CVE-2025-96152. NVD-2025-96153. OSV-DEBIAN-2025-96154. OSV-2025-96155. SECURITY-TRACKER-CVE-2025-9615

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.