A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description (MUD) URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL, provided an administrator has explicitly configured NetworkManager to use dhclient. This issue does not affect default configurations of NetworkManager.
To prevent exploitation, ensure NetworkManager is not configured to use the dhclient backend. The default configuration on Red Hat Enterprise Linux does not enable dhclient. If a custom configuration file, such as /etc/NetworkManager/conf.d/00-dhcp.conf, contains the following, remove or comment out the dhcp=dhclient line:

    [main]
    dhcp=dhclient

After modifying the configuration, restart the NetworkManager service:

    sudo systemctl restart NetworkManager

Warning: Restarting the NetworkManager service will temporarily disrupt network connectivity.
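A read-only check for the configuration this advisory describes, added here as an example and not taken from the advisory or from NetworkManager itself. The function names are hypothetical, and the directories scanned besides /etc/NetworkManager/conf.d are the standard locations listed in NetworkManager.conf(5).

```shell
#!/bin/sh
# Added example: report NetworkManager config files that actively select the
# dhclient DHCP backend, i.e. an uncommented dhcp=dhclient inside [main].

# find_dhclient_backend FILE...
# Prints "file:lineno" for each active dhcp=dhclient in a [main] section.
find_dhclient_backend() {
    for f in "$@"; do
        [ -f "$f" ] || continue                  # skip missing files and unmatched globs
        awk -v file="$f" '
            /^[ \t]*#/ { next }                  # commented-out line: not active
            /^[ \t]*\[/ {                        # section header: track whether we are in [main]
                s = $0
                gsub(/^[ \t]+|[ \t]+$/, "", s)
                in_main = (s == "[main]")
                next
            }
            in_main {
                n = index($0, "=")
                if (n == 0) next
                key = substr($0, 1, n - 1)
                val = substr($0, n + 1)
                gsub(/^[ \t]+|[ \t]+$/, "", key) # tolerate "dhcp = dhclient"
                gsub(/^[ \t]+|[ \t]+$/, "", val)
                if (key == "dhcp" && val == "dhclient") print file ":" NR
            }
        ' "$f"
    done
}

# scan_system: run the check over the standard NetworkManager config locations
# (assumption: paths as documented in NetworkManager.conf(5)).
scan_system() {
    find_dhclient_backend \
        /etc/NetworkManager/NetworkManager.conf \
        /etc/NetworkManager/conf.d/*.conf \
        /usr/lib/NetworkManager/conf.d/*.conf \
        /run/NetworkManager/conf.d/*.conf
}

scan_system
```

Each output line names a file and line number to remove or comment out; no output means none of the scanned files selects dhclient.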