Published: 27/05/2015 Updated: 07/11/2023

CVSS v2 Base Score: 3.3 | Impact Score: 2.9 | Exploitability Score: 6.5

VMScore: 294

Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P

The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel prior to 3.19.6 allows remote malicious users to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
fedoraproject fedora 22
fedoraproject fedora 20
fedoraproject fedora 21
oracle linux 5.0
oracle solaris 11.3
redhat enterprise mrg 2.5
debian debian linux 8.0
debian debian linux 7.0

Debian Bug report logs - #782107 kfreebsd-10: CVE-2015-2923: IPv6 Hop limit lowering via RA messages Package: src:kfreebsd-10; Maintainer for src:kfreebsd-10 is GNU/kFreeBSD Maintainers <debian-bsd@listsdebianorg>; Reported by: Steven Chamberlain <steven@pyroeuorg> Date: Tue, 7 Apr 2015 21:45:07 UTC Severity: gr ...

Debian Bug report logs - #782561 Buffer overruns in Linux kernel RFC4106 implementation using AESNI (CVE-2015-3331) Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Reported by: Romain Francoise <rfrancoise@debianorg> Date: Tue, 14 Apr 2015 08:57:02 UTC Severity: n ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2014-8159 It was found that the Linux kernel's InfiniBand/RDMA subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API ...

The system could be made to run programs as an administrator ...

Several security issues were fixed in the kernel ...

The system could be made to run programs as an administrator ...

Several security issues were fixed in the kernel ...

It was found that the Linux kernel's TCP/IP protocol suite implementation for IPv6 allowed the Hop Limit value to be set to a smaller value than the default one An attacker on a local network could use this flaw to prevent systems on that network from sending or receiving network packets ...

CWE-17 https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a http://www.openwall.com/lists/oss-security/2015/04/04/2 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6 https://bugzilla.redhat.com/show_bug.cgi?id=1203712 http://www.debian.org/security/2015/dsa-3237 http://rhn.redhat.com/errata/RHSA-2015-1564.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.securityfocus.com/bid/74315 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html http://rhn.redhat.com/errata/RHSA-2015-1534.html http://www.securitytracker.com/id/1032417 http://rhn.redhat.com/errata/RHSA-2015-1221.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fd99094de2b83d1d4c8457f2c83483b2828e75a https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782107 https://usn.ubuntu.com/2586-1/https://access.redhat.com/security/cve/cve-2015-2922 https://www.debian.org/security/./dsa-3237

CVE-2015-2922

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect