// For flags

CVE-2015-2922

kernel: denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements.

Severity Score

3.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.

La función ndisc_router_discovery en net/ipv6/ndisc.c en la implementación de protocolo Neighbor Discovery (ND) en la pila IPv6 en el kernel de Linux anterior a 3.19.6 permite a atacantes remotos reconfigurar una configuración 'hop-limit' a través de un valor hop_limit pequeño en un mensaje Router Advertisement (RA).

It was found that the Linux kernel's TCP/IP protocol suite implementation for IPv6 allowed the Hop Limit value to be set to a smaller value than the default one. An attacker on a local network could use this flaw to prevent systems on that network from sending or receiving network packets.

*Credits: N/A
CVSS Scores
Attack Vector
Adjacent
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2015-04-04 CVE Reserved
  • 2015-04-27 CVE Published
  • 2023-11-08 EPSS Updated
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-17: DEPRECATED: Code
  • CWE-454: External Initialization of Trusted Variables or Data Stores
CAPEC
References (20)
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
<= 3.19.5
Search vendor "Linux" for product "Linux Kernel" and version " <= 3.19.5"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
Fedora
Search vendor "Fedoraproject" for product "Fedora"
20
Search vendor "Fedoraproject" for product "Fedora" and version "20"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
Fedora
Search vendor "Fedoraproject" for product "Fedora"
21
Search vendor "Fedoraproject" for product "Fedora" and version "21"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
Fedora
Search vendor "Fedoraproject" for product "Fedora"
22
Search vendor "Fedoraproject" for product "Fedora" and version "22"
-
Affected
Oracle
Search vendor "Oracle"
Linux
Search vendor "Oracle" for product "Linux"
5.0
Search vendor "Oracle" for product "Linux" and version "5.0"
-
Affected
Oracle
Search vendor "Oracle"
Solaris
Search vendor "Oracle" for product "Solaris"
11.3
Search vendor "Oracle" for product "Solaris" and version "11.3"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Mrg
Search vendor "Redhat" for product "Enterprise Mrg"
2.5
Search vendor "Redhat" for product "Enterprise Mrg" and version "2.5"
-
Affected
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
7.0
Search vendor "Debian" for product "Debian Linux" and version "7.0"
-
Affected
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
8.0
Search vendor "Debian" for product "Debian Linux" and version "8.0"
-
Affected