CVE-2015-2922 - Vulnerability Details

Vendors	Products
Debian	Debian Linux
Fedoraproject	Fedora
Linux	Linux Kernel
Oracle	Linux Solaris
Redhat	Enterprise Linux Enterprise Mrg Rhel Extras Rt

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 6
kernel-0:2.6.32-504.30.3.el6	cpe:/o:redhat:enterprise_linux:6	RHSA-2015:1221	2015-07-14T00:00:00Z
Red Hat Enterprise Linux 7
kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1	cpe:/a:redhat:rhel_extras_rt:7	RHSA-2015:1565	2015-08-05T00:00:00Z
kernel-0:3.10.0-229.11.1.ael7b	cpe:/o:redhat:enterprise_linux:7	RHSA-2015:1534	2015-08-06T00:00:00Z
Red Hat Enterprise MRG 2
kernel-rt-1:3.10.0-229.rt56.158.el6rt	cpe:/a:redhat:enterprise_mrg:2:server:el6	RHSA-2015:1564	2015-08-05T00:00:00Z

Link	Providers
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fd99094de2b83d1d4c8457f2c83483b2828e75a
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
http://rhn.redhat.com/errata/RHSA-2015-1221.html
http://rhn.redhat.com/errata/RHSA-2015-1534.html
http://rhn.redhat.com/errata/RHSA-2015-1564.html
http://www.debian.org/security/2015/dsa-3237
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6
http://www.openwall.com/lists/oss-security/2015/04/04/2
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.securityfocus.com/bid/74315
http://www.securitytracker.com/id/1032417
https://bugzilla.redhat.com/show_bug.cgi?id=1203712
https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a
https://nvd.nist.gov/vuln/detail/CVE-2015-2922
https://www.cve.org/CVERecord?id=CVE-2015-2922

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-04-03T00:00:00", "descriptions": [{"lang": "en", "value": "The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-04T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "FEDORA-2015-6100", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html"}, {"name": "FEDORA-2015-6294", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"name": "DSA-3237", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2015/dsa-3237"}, {"name": "openSUSE-SU-2015:1382", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"}, {"name": "FEDORA-2015-6320", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html"}, {"name": "1032417", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1032417"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6"}, {"name": "SUSE-SU-2015:1478", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html"}, {"name": "[oss-security] 20150404 Re: CVE Request : IPv6 Hop limit lowering via RA messages", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2015/04/04/2"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203712"}, {"name": "RHSA-2015:1534", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html"}, {"name": "RHSA-2015:1564", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1564.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a"}, {"name": "SUSE-SU-2015:1224", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"}, {"name": "74315", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/74315"}, {"name": "RHSA-2015:1221", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1221.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fd99094de2b83d1d4c8457f2c83483b2828e75a"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-2922", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "FEDORA-2015-6100", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html"}, {"name": "FEDORA-2015-6294", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html"}, {"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"name": "DSA-3237", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3237"}, {"name": "openSUSE-SU-2015:1382", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"}, {"name": "FEDORA-2015-6320", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html"}, {"name": "1032417", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032417"}, {"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6", "refsource": "CONFIRM", "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6"}, {"name": "SUSE-SU-2015:1478", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html"}, {"name": "[oss-security] 20150404 Re: CVE Request : IPv6 Hop limit lowering via RA messages", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/04/04/2"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1203712", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203712"}, {"name": "RHSA-2015:1534", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html"}, {"name": "RHSA-2015:1564", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1564.html"}, {"name": "https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a", "refsource": "CONFIRM", "url": "https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a"}, {"name": "SUSE-SU-2015:1224", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"}, {"name": "74315", "refsource": "BID", "url": "http://www.securityfocus.com/bid/74315"}, {"name": "RHSA-2015:1221", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1221.html"}, {"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6fd99094de2b83d1d4c8457f2c83483b2828e75a", "refsource": "CONFIRM", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6fd99094de2b83d1d4c8457f2c83483b2828e75a"}, {"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T05:32:20.794Z"}, "title": "CVE Program Container", "references": [{"name": "FEDORA-2015-6100", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html"}, {"name": "FEDORA-2015-6294", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"name": "DSA-3237", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2015/dsa-3237"}, {"name": "openSUSE-SU-2015:1382", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"}, {"name": "FEDORA-2015-6320", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html"}, {"name": "1032417", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1032417"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6"}, {"name": "SUSE-SU-2015:1478", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html"}, {"name": "[oss-security] 20150404 Re: CVE Request : IPv6 Hop limit lowering via RA messages", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2015/04/04/2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203712"}, {"name": "RHSA-2015:1534", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html"}, {"name": "RHSA-2015:1564", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1564.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a"}, {"name": "SUSE-SU-2015:1224", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"}, {"name": "74315", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/74315"}, {"name": "RHSA-2015:1221", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1221.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fd99094de2b83d1d4c8457f2c83483b2828e75a"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-2922", "datePublished": "2015-05-27T10:00:00", "dateReserved": "2015-04-04T00:00:00", "dateUpdated": "2024-08-06T05:32:20.794Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2015-04-03T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2018-01-04T19:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : FEDORA-2015-6100 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html (string)

}

1 : { »

name : FEDORA-2015-6294 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html (string)

}

3 : { »

name : DSA-3237 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_DEBIAN (string)

]

url : http://www.debian.org/security/2015/dsa-3237 (string)

}

4 : { »

name : openSUSE-SU-2015:1382 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html (string)

}

5 : { »

name : FEDORA-2015-6320 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html (string)

}

6 : { »

name : 1032417 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id/1032417 (string)

}

7 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6 (string)

}

8 : { »

name : SUSE-SU-2015:1478 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html (string)

}

9 : { »

name : [oss-security] 20150404 Re: CVE Request : IPv6 Hop limit lowering via RA messages (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://www.openwall.com/lists/oss-security/2015/04/04/2 (string)

}

10 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://bugzilla.redhat.com/show_bug.cgi?id=1203712 (string)

}

11 : { »

name : RHSA-2015:1534 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : http://rhn.redhat.com/errata/RHSA-2015-1534.html (string)

}

12 : { »

name : RHSA-2015:1564 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : http://rhn.redhat.com/errata/RHSA-2015-1564.html (string)

}

13 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a (string)

}

14 : { »

name : SUSE-SU-2015:1224 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html (string)

}

15 : { »

name : 74315 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/74315 (string)

}

16 : { »

name : RHSA-2015:1221 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : http://rhn.redhat.com/errata/RHSA-2015-1221.html (string)

}

17 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fd99094de2b83d1d4c8457f2c83483b2828e75a (string)

}

18 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2015-2922 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : FEDORA-2015-6100 (string)

refsource : FEDORA (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html (string)

}

1 : { »

name : FEDORA-2015-6294 (string)

refsource : FEDORA (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html (string)

}

2 : { »

name : http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html (string)

refsource : CONFIRM (string)

url : http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html (string)

}

3 : { »

name : DSA-3237 (string)

refsource : DEBIAN (string)

url : http://www.debian.org/security/2015/dsa-3237 (string)

}

4 : { »

name : openSUSE-SU-2015:1382 (string)

refsource : SUSE (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html (string)

}

5 : { »

name : FEDORA-2015-6320 (string)

refsource : FEDORA (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html (string)

}

6 : { »

name : 1032417 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id/1032417 (string)

}

7 : { »

name : http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6 (string)

refsource : CONFIRM (string)

url : http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6 (string)

}

8 : { »

name : SUSE-SU-2015:1478 (string)

refsource : SUSE (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html (string)

}

9 : { »

name : [oss-security] 20150404 Re: CVE Request : IPv6 Hop limit lowering via RA messages (string)

refsource : MLIST (string)

url : http://www.openwall.com/lists/oss-security/2015/04/04/2 (string)

}

10 : { »

name : https://bugzilla.redhat.com/show_bug.cgi?id=1203712 (string)

refsource : CONFIRM (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=1203712 (string)

}

11 : { »

name : RHSA-2015:1534 (string)

refsource : REDHAT (string)

url : http://rhn.redhat.com/errata/RHSA-2015-1534.html (string)

}

12 : { »

name : RHSA-2015:1564 (string)

refsource : REDHAT (string)

url : http://rhn.redhat.com/errata/RHSA-2015-1564.html (string)

}

13 : { »

name : https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a (string)

refsource : CONFIRM (string)

url : https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a (string)

}

14 : { »

name : SUSE-SU-2015:1224 (string)

refsource : SUSE (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html (string)

}

15 : { »

name : 74315 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/74315 (string)

}

16 : { »

name : RHSA-2015:1221 (string)

refsource : REDHAT (string)

url : http://rhn.redhat.com/errata/RHSA-2015-1221.html (string)

}

17 : { »

name : http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6fd99094de2b83d1d4c8457f2c83483b2828e75a (string)

refsource : CONFIRM (string)

url : http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6fd99094de2b83d1d4c8457f2c83483b2828e75a (string)

}

18 : { »

name : http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html (string)

refsource : CONFIRM (string)

url : http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T05:32:20.794Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : FEDORA-2015-6100 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

2 : x_transferred (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html (string)

}

1 : { »

name : FEDORA-2015-6294 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

2 : x_transferred (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html (string)

}

3 : { »

name : DSA-3237 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_DEBIAN (string)

2 : x_transferred (string)

]

url : http://www.debian.org/security/2015/dsa-3237 (string)

}

4 : { »

name : openSUSE-SU-2015:1382 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html (string)

}

5 : { »

name : FEDORA-2015-6320 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

2 : x_transferred (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html (string)

}

6 : { »

name : 1032417 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id/1032417 (string)

}

7 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6 (string)

}

8 : { »

name : SUSE-SU-2015:1478 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html (string)

}

9 : { »

name : [oss-security] 20150404 Re: CVE Request : IPv6 Hop limit lowering via RA messages (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://www.openwall.com/lists/oss-security/2015/04/04/2 (string)

}

10 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://bugzilla.redhat.com/show_bug.cgi?id=1203712 (string)

}

11 : { »

name : RHSA-2015:1534 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : http://rhn.redhat.com/errata/RHSA-2015-1534.html (string)

}

12 : { »

name : RHSA-2015:1564 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : http://rhn.redhat.com/errata/RHSA-2015-1564.html (string)

}

13 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a (string)

}

14 : { »

name : SUSE-SU-2015:1224 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html (string)

}

15 : { »

name : 74315 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/74315 (string)

}

16 : { »

name : RHSA-2015:1221 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : http://rhn.redhat.com/errata/RHSA-2015-1221.html (string)

}

17 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fd99094de2b83d1d4c8457f2c83483b2828e75a (string)

}

18 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2015-2922 (string)

datePublished : 2015-05-27T10:00:00 (string)

dateReserved : 2015-04-04T00:00:00 (string)

dateUpdated : 2024-08-06T05:32:20.794Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAEE6ECD-D1F2-433F-BE74-04408D3D6EA5", "versionEndIncluding": "3.19.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "E3CCD459-9E6D-4731-8054-CDF8B58454A9", "vulnerable": true}, {"criteria": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "matchCriteriaId": "79A602C5-61FE-47BA-9786-F045B6C6DBA8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8082D9CA-E5CC-4B92-9F45-E257F246069F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message."}, {"lang": "es", "value": "La funci\u00f3n ndisc_router_discovery en net/ipv6/ndisc.c en la implementaci\u00f3n de protocolo Neighbor Discovery (ND) en la pila IPv6 en el kernel de Linux anterior a 3.19.6 permite a atacantes remotos reconfigurar una configuraci\u00f3n 'hop-limit' a trav\u00e9s de un valor hop_limit peque\u00f1o en un mensaje Router Advertisement (RA)."}], "id": "CVE-2015-2922", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-05-27T10:59:06.987", "references": [{"source": "cve@mitre.org", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fd99094de2b83d1d4c8457f2c83483b2828e75a"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2015-1221.html"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1564.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2015/dsa-3237"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.openwall.com/lists/oss-security/2015/04/04/2"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/74315"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1032417"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203712"}, {"source": "cve@mitre.org", "url": "https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fd99094de2b83d1d4c8457f2c83483b2828e75a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2015-1221.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1564.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2015/dsa-3237"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.openwall.com/lists/oss-security/2015/04/04/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/74315"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1032417"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203712"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-17"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : EAEE6ECD-D1F2-433F-BE74-04408D3D6EA5 (string)

versionEndIncluding : 3.19.5 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:* (string)

matchCriteriaId : FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:* (string)

matchCriteriaId : 56BDB5A0-0839-4A20-A003-B8CD56F48171 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:* (string)

matchCriteriaId : 253C303A-E577-4488-93E6-68A8DD942C38 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : E3CCD459-9E6D-4731-8054-CDF8B58454A9 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 79A602C5-61FE-47BA-9786-F045B6C6DBA8 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

3 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:redhat:enterprise_mrg:2.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 8082D9CA-E5CC-4B92-9F45-E257F246069F (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

4 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 16F59A04-14CF-49E2-9973-645477EA09DA (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* (string)

matchCriteriaId : C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. (string)

}

1 : { »

lang : es (string)

value : La función ndisc_router_discovery en net/ipv6/ndisc.c en la implementación de protocolo Neighbor Discovery (ND) en la pila IPv6 en el kernel de Linux anterior a 3.19.6 permite a atacantes remotos reconfigurar una configuración 'hop-limit' a través de un valor hop_limit pequeño en un mensaje Router Advertisement (RA). (string)

}

]

id : CVE-2015-2922 (string)

lastModified : 2025-04-12T10:46:40.837 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : LOW (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : ADJACENT_NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 3.3 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:A/AC:L/Au:N/C:N/I:N/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 6.5 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2015-05-27T10:59:06.987 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

url : http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fd99094de2b83d1d4c8457f2c83483b2828e75a (string)

}

1 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html (string)

}

2 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html (string)

}

3 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html (string)

}

4 : { »

source : cve@mitre.org (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html (string)

}

5 : { »

source : cve@mitre.org (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html (string)

}

6 : { »

source : cve@mitre.org (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html (string)

}

7 : { »

source : cve@mitre.org (string)

url : http://rhn.redhat.com/errata/RHSA-2015-1221.html (string)

}

8 : { »

source : cve@mitre.org (string)

url : http://rhn.redhat.com/errata/RHSA-2015-1534.html (string)

}

9 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://rhn.redhat.com/errata/RHSA-2015-1564.html (string)

}

10 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.debian.org/security/2015/dsa-3237 (string)

}

11 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Exploit (string)

1 : Vendor Advisory (string)

]

url : http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6 (string)

}

12 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Exploit (string)

]

url : http://www.openwall.com/lists/oss-security/2015/04/04/2 (string)

}

13 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html (string)

}

14 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html (string)

}

15 : { »

source : cve@mitre.org (string)

url : http://www.securityfocus.com/bid/74315 (string)

}

16 : { »

source : cve@mitre.org (string)

url : http://www.securitytracker.com/id/1032417 (string)

}

17 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Issue Tracking (string)

]

url : https://bugzilla.redhat.com/show_bug.cgi?id=1203712 (string)

}

18 : { »

source : cve@mitre.org (string)

url : https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a (string)

}

19 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fd99094de2b83d1d4c8457f2c83483b2828e75a (string)

}

20 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html (string)

}

21 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html (string)

}

22 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html (string)

}

23 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html (string)

}

24 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html (string)

}

25 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html (string)

}

26 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://rhn.redhat.com/errata/RHSA-2015-1221.html (string)

}

27 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://rhn.redhat.com/errata/RHSA-2015-1534.html (string)

}

28 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://rhn.redhat.com/errata/RHSA-2015-1564.html (string)

}

29 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.debian.org/security/2015/dsa-3237 (string)

}

30 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

1 : Vendor Advisory (string)

]

url : http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6 (string)

}

31 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

]

url : http://www.openwall.com/lists/oss-security/2015/04/04/2 (string)

}

32 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html (string)

}

33 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html (string)

}

34 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/bid/74315 (string)

}

35 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securitytracker.com/id/1032417 (string)

}

36 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Issue Tracking (string)

]

url : https://bugzilla.redhat.com/show_bug.cgi?id=1203712 (string)

}

37 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-17 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"affected_release": [{"advisory": "RHSA-2015:1221", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "kernel-0:2.6.32-504.30.3.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2015-07-14T00:00:00Z"}, {"advisory": "RHSA-2015:1565", "cpe": "cpe:/a:redhat:rhel_extras_rt:7", "package": "kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2015-08-05T00:00:00Z"}, {"advisory": "RHSA-2015:1534", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-0:3.10.0-229.11.1.ael7b", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2015-08-06T00:00:00Z"}, {"advisory": "RHSA-2015:1564", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "kernel-rt-1:3.10.0-229.rt56.158.el6rt", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2015-08-05T00:00:00Z"}], "bugzilla": {"description": "kernel: denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements.", "id": "1203712", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203712"}, "csaw": false, "cvss": {"cvss_base_score": "3.3", "cvss_scoring_vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "status": "verified"}, "cwe": "CWE-454", "details": ["The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.", "It was found that the Linux kernel's TCP/IP protocol suite implementation for IPv6 allowed the Hop Limit value to be set to a smaller value than the default one. An attacker on a local network could use this flaw to prevent systems on that network from sending or receiving network packets."], "name": "CVE-2015-2922", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2015-03-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-2922\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-2922"], "statement": "This issue affects the versions of the Linux kernel as shipped with\nRed Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2. Future kernel\nupdates for Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2 may\naddress this issue.\nRed Hat Enterprise Linux 5 is now in Production 3 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", "threat_severity": "Low"}

{

affected_release : [ »

0 : { »

advisory : RHSA-2015:1221 (string)

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

package : kernel-0:2.6.32-504.30.3.el6 (string)

product_name : Red Hat Enterprise Linux 6 (string)

release_date : 2015-07-14T00:00:00Z (string)

}

1 : { »

advisory : RHSA-2015:1565 (string)

cpe : cpe:/a:redhat:rhel_extras_rt:7 (string)

package : kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1 (string)

product_name : Red Hat Enterprise Linux 7 (string)

release_date : 2015-08-05T00:00:00Z (string)

}

2 : { »

advisory : RHSA-2015:1534 (string)

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

package : kernel-0:3.10.0-229.11.1.ael7b (string)

product_name : Red Hat Enterprise Linux 7 (string)

release_date : 2015-08-06T00:00:00Z (string)

}

3 : { »

advisory : RHSA-2015:1564 (string)

cpe : cpe:/a:redhat:enterprise_mrg:2:server:el6 (string)

package : kernel-rt-1:3.10.0-229.rt56.158.el6rt (string)

product_name : Red Hat Enterprise MRG 2 (string)

release_date : 2015-08-05T00:00:00Z (string)

}

]

bugzilla : { »

description : kernel: denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements. (string)

id : 1203712 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=1203712 (string)

}

csaw : false (boolean)

cvss : { »

cvss_base_score : 3.3 (string)

cvss_scoring_vector : AV:A/AC:L/Au:N/C:N/I:N/A:P (string)

status : verified (string)

}

cwe : CWE-454 (string)

details : [ »

0 : The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. (string)

1 : It was found that the Linux kernel's TCP/IP protocol suite implementation for IPv6 allowed the Hop Limit value to be set to a smaller value than the default one. An attacker on a local network could use this flaw to prevent systems on that network from sending or receiving network packets. (string)

]

name : CVE-2015-2922 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:5 (string)

fix_state : Affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 5 (string)

}

]

public_date : 2015-03-24T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2015-2922 https://nvd.nist.gov/vuln/detail/CVE-2015-2922 (string)

]

statement : This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2 may address this issue. Red Hat Enterprise Linux 5 is now in Production 3 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/. (string)

threat_severity : Low (string)

}

Metrics

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object