CVE-2015-2924
NetworkManager: denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements
Public Exploits: 0
Exploited in Wild: -
Descriptions
The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in NetworkManager 1.x allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message, a similar issue to CVE-2015-2922.
A flaw was found in the way NetworkManager handled router advertisements. An unprivileged user on a local network could use IPv6 Neighbor Discovery ICMP to broadcast a non-route with a low hop limit, causing machines to lower the hop limit on existing IPv6 routes. If this limit is small enough, IPv6 packets would be dropped before reaching the final destination.
Timeline
- 2015-04-04 CVE Reserved
- 2015-09-25 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
CWE
- CWE-20: Improper Input Validation
- CWE-358: Improperly Implemented Security Check for Standard
References (8)
URL | Tag | Source |
---|---|---|
http://openwall.com/lists/oss-security/2015/04/04/2 | Mailing List | |
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | X_refsource_confirm | |
http://www.securityfocus.com/bid/76879 | Vdb Entry | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Networkmanager Project | Networkmanager | <= 1.0.7 | dev | Affected |