QwikSec

Security Database

CVE

CWE

Training

CVE-2015-8215

Published: Nov 16, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272. NOTE: the scope of CVE-2015-0272 is limited to the NetworkManager product.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

SUSE-SU-2015:2292

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_REDHAT

SUSE-SU-2015:2350

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_DEBIAN

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

x_refsource_CONFIRM

SUSE-SU-2015:2194

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:0354

vendor-advisory

x_refsource_SUSE

SUSE-SU-2015:2339

vendor-advisory

x_refsource_SUSE

https://bugs.launchpad.net/bugs/1500810

x_refsource_CONFIRM

https://bugzilla.novell.com/show_bug.cgi?id=944296

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

SUSE-SU-2016:2074

vendor-advisory

x_refsource_SUSE

https://github.com/torvalds/linux/commit/77751427a1ff25b27d47a4c36b12c3c8667855ac

x_refsource_CONFIRM

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77751427a1ff25b27d47a4c36b12c3c8667855ac

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1192132

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.