<?xml version="1.0" encoding="UTF-8"?>
<cvrfdoc xmlns="http://www.icasi.org/CVRF/schema/cvrf/1.1" xmlns:cvrf="http://www.icasi.org/CVRF/schema/cvrf/1.1">
	<DocumentTitle xml:lang="en">An update for NetworkManager is now available for openEuler-24.03-LTS-SP3</DocumentTitle>
	<DocumentType>Security Advisory</DocumentType>
	<DocumentPublisher Type="Vendor">
		<ContactDetails>openeuler-security@openeuler.org</ContactDetails>
		<IssuingAuthority>openEuler security committee</IssuingAuthority>
	</DocumentPublisher>
	<DocumentTracking>
		<Identification>
			<ID>openEuler-SA-2026-2825</ID>
		</Identification>
		<Status>Final</Status>
		<Version>1.0</Version>
		<RevisionHistory>
			<Revision>
				<Number>1.0</Number>
				<Date>2026-07-06</Date>
				<Description>Initial</Description>
			</Revision>
		</RevisionHistory>
		<InitialReleaseDate>2026-07-06</InitialReleaseDate>
		<CurrentReleaseDate>2026-07-06</CurrentReleaseDate>
		<Generator>
			<Engine>openEuler SA Tool V1.0</Engine>
			<Date>2026-07-06</Date>
		</Generator>
	</DocumentTracking>
	<DocumentNotes>
		<Note Title="Synopsis" Type="General" Ordinal="1" xml:lang="en">NetworkManager security update</Note>
		<Note Title="Summary" Type="General" Ordinal="2" xml:lang="en">An update for NetworkManager is now available for openEuler-24.03-LTS-SP3</Note>
		<Note Title="Description" Type="General" Ordinal="3" xml:lang="en">NetworkManager attempts to keep an active network connection available at all times.  The point of NetworkManager is to make networking configuration and setup as painless and automatic as possible. If using DHCP, NetworkManager is intended to replace default routes, obtain IP addresses from a DHCP server, and change name servers whenever it sees fit.

Security Fix(es):

A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager&apos;s dhclient backend when processing malformed Manufacturer Usage Description (MUD) URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL, provided an administrator has explicitly configured NetworkManager to use dhclient. This issue does not affect default configurations of NetworkManager.(CVE-2026-10805)</Note>
		<Note Title="Topic" Type="General" Ordinal="4" xml:lang="en">An update for NetworkManager is now available for openEuler-24.03-LTS-SP3.

openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.</Note>
		<Note Title="Severity" Type="General" Ordinal="5" xml:lang="en">Medium</Note>
		<Note Title="Affected Component" Type="General" Ordinal="6" xml:lang="en">NetworkManager</Note>
	</DocumentNotes>
	<DocumentReferences>
		<Reference Type="Self">
			<URL>https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2825</URL>
		</Reference>
		<Reference Type="openEuler CVE">
			<URL>https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-10805</URL>
		</Reference>
		<Reference Type="Other">
			<URL>https://nvd.nist.gov/vuln/detail/CVE-2026-10805</URL>
		</Reference>
	</DocumentReferences>
	<ProductTree xmlns="http://www.icasi.org/CVRF/schema/prod/1.1">
		<Branch Type="Product Name" Name="openEuler">
			<FullProductName ProductID="openEuler-24.03-LTS-SP3" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">openEuler-24.03-LTS-SP3</FullProductName>
		</Branch>
		<Branch Type="Package Arch" Name="aarch64">
			<FullProductName ProductID="NetworkManager-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-1.44.2-7.oe2403sp3.aarch64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-bluetooth-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-bluetooth-1.44.2-7.oe2403sp3.aarch64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-cloud-setup-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-cloud-setup-1.44.2-7.oe2403sp3.aarch64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-debuginfo-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-debuginfo-1.44.2-7.oe2403sp3.aarch64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-debugsource-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-debugsource-1.44.2-7.oe2403sp3.aarch64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-libnm-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-libnm-1.44.2-7.oe2403sp3.aarch64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-libnm-devel-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-libnm-devel-1.44.2-7.oe2403sp3.aarch64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-ppp-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-ppp-1.44.2-7.oe2403sp3.aarch64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-team-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-team-1.44.2-7.oe2403sp3.aarch64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-wifi-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-wifi-1.44.2-7.oe2403sp3.aarch64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-wwan-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-wwan-1.44.2-7.oe2403sp3.aarch64.rpm</FullProductName>
		</Branch>
		<Branch Type="Package Arch" Name="src">
			<FullProductName ProductID="NetworkManager-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-1.44.2-7.oe2403sp3.src.rpm</FullProductName>
		</Branch>
		<Branch Type="Package Arch" Name="x86_64">
			<FullProductName ProductID="NetworkManager-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-1.44.2-7.oe2403sp3.x86_64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-bluetooth-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-bluetooth-1.44.2-7.oe2403sp3.x86_64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-cloud-setup-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-cloud-setup-1.44.2-7.oe2403sp3.x86_64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-debuginfo-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-debuginfo-1.44.2-7.oe2403sp3.x86_64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-debugsource-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-debugsource-1.44.2-7.oe2403sp3.x86_64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-libnm-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-libnm-1.44.2-7.oe2403sp3.x86_64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-libnm-devel-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-libnm-devel-1.44.2-7.oe2403sp3.x86_64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-ppp-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-ppp-1.44.2-7.oe2403sp3.x86_64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-team-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-team-1.44.2-7.oe2403sp3.x86_64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-wifi-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-wifi-1.44.2-7.oe2403sp3.x86_64.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-wwan-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-wwan-1.44.2-7.oe2403sp3.x86_64.rpm</FullProductName>
		</Branch>
		<Branch Type="Package Arch" Name="noarch">
			<FullProductName ProductID="NetworkManager-config-server-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-config-server-1.44.2-7.oe2403sp3.noarch.rpm</FullProductName>
			<FullProductName ProductID="NetworkManager-help-1.44.2-7" CPE="cpe:/a:openEuler:openEuler:24.03-LTS-SP3">NetworkManager-help-1.44.2-7.oe2403sp3.noarch.rpm</FullProductName>
		</Branch>
	</ProductTree>
	<Vulnerability Ordinal="1" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
		<Notes>
			<Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager&apos;s dhclient backend when processing malformed Manufacturer Usage Description (MUD) URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL, provided an administrator has explicitly configured NetworkManager to use dhclient. This issue does not affect default configurations of NetworkManager.</Note>
		</Notes>
		<ReleaseDate>2026-07-06</ReleaseDate>
		<CVE>CVE-2026-10805</CVE>
		<ProductStatuses>
			<Status Type="Fixed">
				<ProductID>openEuler-24.03-LTS-SP3</ProductID>
			</Status>
		</ProductStatuses>
		<Threats>
			<Threat Type="Impact">
				<Description>Medium</Description>
			</Threat>
		</Threats>
		<CVSSScoreSets>
			<ScoreSet>
				<BaseScore>6.7</BaseScore>
				<Vector>AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H</Vector>
			</ScoreSet>
		</CVSSScoreSets>
		<Remediations>
			<Remediation Type="Vendor Fix">
				<Description>NetworkManager security update</Description>
				<DATE>2026-07-06</DATE>
				<URL>https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2825</URL>
			</Remediation>
		</Remediations>
	</Vulnerability>
</cvrfdoc>