It was found that the Windows Virtio NIC driver did not sufficiently sanitize the length of the incoming IP packets, as demonstrated by a packet with IP options present but the overall packet length not being adjusted to reflect the length of those options. A remote attacker able to send a specially crafted IP packet to the guest could use this flaw to crash that guest.
Find out more about CVE-2015-3215 from the MITRE CVE dictionary dictionary and NIST NVD.
This issue does affect the virtio-win packages as shipped with Red Hat Enteprise Linux 6 and 7. Future updates for the respective releases will address this issue.
| Base Score | 6.1 |
|---|---|
| Base Metrics | AV:A/AC:L/Au:N/C:N/I:N/A:C |
| Access Vector | Adjacent Network |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | None |
| Integrity Impact | None |
| Availability Impact | Complete |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux Supplementary (v. 7) (virtio-win) | RHSA-2015:1044 | 2015-06-03 |
| Red Hat Enterprise Linux Supplementary (v. 6) (virtio-win) | RHSA-2015:1043 | 2015-06-03 |
| Platform | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 5 | virtio-win | Will not fix |
Vulmon