CVE-2015-8787

Ubuntu Security Notice USN-2889-2

Severity Score

9.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by sending certain IPv4 packets to an incompletely configured interface, a related issue to CVE-2003-1604.

La función nf_nat_redirect_ipv4 en net/netfilter/nf_nat_redirect.c en el kernel de Linux en versiones anteriores a 4.4 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL y caída del sistema) o posiblemente tener otro impacto no especificado enviando ciertos paquetes IPv4 a una interfaz configurada incompletamente, un caso relacionado con CVE-2003-1604.

It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. It was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). Various other issues were also addressed.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2016-01-27 CVE Reserved
2016-02-02 CVE Published
2024-08-06 CVE Updated
2025-07-09 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-476: NULL Pointer Dereference

CAPEC

References (14)

URL	Tag	Source
http://www.openwall.com/lists/oss-security/2016/01/27/6	Mailing List
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1300731	Issue Tracking

URL	Date	SRC

URL	Date	SRC
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=94f9cd81436c85d8c3a318ba92e236ede73752fc	2023-01-19
https://github.com/torvalds/linux/commit/94f9cd81436c85d8c3a318ba92e236ede73752fc	2023-01-19

URL	Date	SRC
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176464.html	2023-01-19
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html	2023-01-19
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html	2023-01-19
http://www.ubuntu.com/usn/USN-2889-1	2023-01-19
http://www.ubuntu.com/usn/USN-2889-2	2023-01-19
http://www.ubuntu.com/usn/USN-2890-1	2023-01-19
http://www.ubuntu.com/usn/USN-2890-2	2023-01-19
http://www.ubuntu.com/usn/USN-2890-3	2023-01-19

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.19 < 4.1.31 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.19 < 4.1.31"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.2 < 4.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.2 < 4.4"		-		Affected