CVE-2015-0272

Опубликовано: 23 фев. 2015

Источник: redhat

CVSS2: 4.3

EPSS Низкий

Описание

GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.

It was discovered that NetworkManager would set device MTUs based on MTU values received in IPv6 RAs (Router Advertisements), without sanity checking the MTU value first. A remote attacker could exploit this flaw to create a denial of service attack, by sending a specially crafted IPv6 RA packet to disturb IPv6 communication.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	NetworkManager	Not affected
Red Hat Enterprise Linux 6	NetworkManager	Not affected
Red Hat Enterprise Linux 7	ModemManager	Fixed	RHSA-2015:2315	19.11.2015
Red Hat Enterprise Linux 7	NetworkManager	Fixed	RHSA-2015:2315	19.11.2015
Red Hat Enterprise Linux 7	network-manager-applet	Fixed	RHSA-2015:2315	19.11.2015
Red Hat Enterprise Linux 7	NetworkManager-libreswan	Fixed	RHSA-2015:2315	19.11.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-20

https://bugzilla.redhat.com/show_bug.cgi?id=1192132NetworkManager: remote DoS using IPv6 RA with bogus MTU

EPSS

Процентиль: 75%

0.00911

Низкий

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2015-0272

ubuntu

почти 10 лет назад

CVE-2015-0272

nvd

почти 10 лет назад

CVE-2015-0272

debian

почти 10 лет назад

GNOME NetworkManager allows remote attackers to cause a denial of serv ...

GHSA-h8v5-955j-7j67

github

больше 3 лет назад

ELSA-2015-2315

oracle-oval

почти 10 лет назад

ELSA-2015-2315: NetworkManager security, bug fix, and enhancement update (MODERATE)

EPSS

Процентиль: 75%

0.00911

Низкий

4.3 Medium

CVSS2