CVE-2015-0272

CWE-20Improper Input Validation18 documents8 sources
Severity
5.0MEDIUM
EPSS
1.1%
top 22.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Gnome NetworkmanagerCanonical Ubuntu LinuxOracle Linux+6 more
Timeline
PublishedNov 17
Latest updateMay 13

Description

GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages12 packages

Ubuntulinux< 3.13.0-66.108
Debiannetwork-manager< 1.0.4-1+3
Ubuntulinux-lts-vivid< 3.19.0-31.36~14.04.1
Ubuntulinux-lts-utopic< 3.16.0-52.71~14.04.1

Also affects: Ubuntu Linux 12.04

Patches

Patch: cgit.freedesktop.orgPatch: cgit.freedesktop.org

🔴Vulnerability Details

6
GHSA
GHSA-h8v5-955j-7j67: GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertis2022-05-13
CVEList
CVE-2015-0272: GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertis2015-11-17
OSV
CVE-2015-0272: GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertis2015-11-17
OSV
linux-lts-utopic vulnerabilities2015-11-05
OSV
linux-lts-vivid vulnerabilities2015-10-20

📋Vendor Advisories

9
Ubuntu
Linux kernel vulnerabilities2015-11-05
Ubuntu
Linux kernel (Utopic HWE) vulnerabilities2015-11-05
Ubuntu
Linux kernel (OMAP4) vulnerabilities2015-11-05
Ubuntu
Linux kernel vulnerabilities2015-10-20
Ubuntu
Linux kernel (Vivid HWE) vulnerabilities2015-10-20

💬Community

2
Bugzilla
CVE-2015-0272 NetworkManager: kernel: remote DoS using IPv6 RA with bogus MTU [fedora-all]2015-09-08
Bugzilla
CVE-2015-0272 NetworkManager: remote DoS using IPv6 RA with bogus MTU2015-02-12