CVE-2015-2922

CVE Details

Release Date:	2015-03-24
Impact:	Low	What is this?

Description

The ndisc_router_discovery function in net/ipv6/ndisc.c in theNeighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.

See more information about CVE-2015-2922 from MITRE CVE dictionary and NIST NVD

NOTE: The following CVSS metrics and score provided are preliminary and subject to review.

CVSS v2 metrics

Base Score:	3.3
Vector String:	AV:A/AC:L/Au:N/C:N/I:N/A:P
Version:	2.0
Attack Vector:	Adjacent Network
Attack Complexity:	Low
Authentication:	None
Confidentiality Impact:	None
Integrity Impact:	None
Availability Impact:	Partial

Errata information

Platform	Errata	Release Date
Oracle Linux version 5 (kernel-uek)	ELSA-2015-3049	2015-07-16
Oracle Linux version 5 (kernel-uek)	ELSA-2015-3050	2015-07-16
Oracle Linux version 5 (mlnx_en-2.6.32-400.37.7.el5uek)	ELSA-2015-3050	2015-07-16
Oracle Linux version 5 (ofa-2.6.32-400.37.7.el5uek)	ELSA-2015-3050	2015-07-16
Oracle Linux version 6 (dtrace-modules-3.8.13-68.3.4.el6uek)	ELSA-2015-3048	2015-07-15
Oracle Linux version 6 (kernel)	ELSA-2015-1221	2015-07-14
Oracle Linux version 6 (kernel-uek)	ELSA-2015-3048	2015-07-15
Oracle Linux version 6 (kernel-uek)	ELSA-2015-3049	2015-07-16
Oracle Linux version 6 (kernel-uek)	ELSA-2015-3050	2015-07-16
Oracle Linux version 6 (mlnx_en-2.6.32-400.37.7.el6uek)	ELSA-2015-3050	2015-07-16
Oracle Linux version 6 (ofa-2.6.32-400.37.7.el6uek)	ELSA-2015-3050	2015-07-16
Oracle Linux version 7 (dtrace-modules-3.8.13-68.3.4.el7uek)	ELSA-2015-3048	2015-07-15
Oracle Linux version 7 (kernel)	ELSA-2015-1534	2015-08-05
Oracle Linux version 7 (kernel-uek)	ELSA-2015-3048	2015-07-15
Oracle VM version 3.2 (kernel-uek)	OVMSA-2016-0037	2016-03-16
Oracle VM version 3.3 (kernel-uek)	OVMSA-2015-0094	2015-07-20