csaf_redhat - rhsa-2015

rhsa-2015_1565

Vulnerability from csaf_redhat

Published

2015-08-05 20:13

Modified

2024-09-13 10:37

Summary

Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update

Notes

Topic

Updated kernel-rt packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Details

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. * An integer overflow flaw was found in the way the Linux kernel's netfilter connection tracking implementation loaded extensions. An attacker on a local network could potentially send a sequence of specially crafted packets that would initiate the loading of a large number of extensions, causing the targeted system in that network to crash. (CVE-2014-9715, Moderate) * A stack-based buffer overflow flaw was found in the Linux kernel's early load microcode functionality. On a system with UEFI Secure Boot enabled, a local, privileged user could use this flaw to increase their privileges to the kernel (ring0) level, bypassing intended restrictions in place. (CVE-2015-2666, Moderate) * It was found that the Linux kernel's ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On non-x86-64 architecture systems, a local user able to create ping sockets could use this flaw to escalate their privileges on the system. (CVE-2015-3636, Moderate) * It was found that the Linux kernel's TCP/IP protocol suite implementation for IPv6 allowed the Hop Limit value to be set to a smaller value than the default one. An attacker on a local network could use this flaw to prevent systems on that network from sending or receiving network packets. (CVE-2015-2922, Low) Red Hat would like to thank Nathan Hoad for reporting the CVE-2014-9715 issue. The kernel-rt packages have been upgraded to version 3.10.0-229.11.1, which provides a number of bug fixes and enhancements over the previous version, including: * drbg: Add stdrng alias and increase priority * seqiv / eseqiv / chainiv: Move IV seeding into init function * ipv4: kABI fix for 0bbf87d backport * ipv4: Convert ipv4.ip_local_port_range to be per netns * libceph: tcp_nodelay support * ipr: Increase default adapter init stage change timeout * fix use-after-free bug in usb_hcd_unlink_urb() * libceph: fix double __remove_osd() problem * ext4: fix data corruption caused by unwritten and delayed extents * sunrpc: Add missing support for RPC_CLNT_CREATE_NO_RETRANS_TIMEOUT * nfs: Fixing lease renewal (Benjamin Coddington) * control hard lockup detection default * Fix print-once on enable * watchdog: update watchdog_thresh properly and watchdog attributes atomically * module: Call module notifier on failure after complete_formation() (BZ#1234470) This update also fixes the following bugs: * The megasas driver used the smp_processor_id() function within a preemptible context, which caused warning messages to be returned to the console. The function has been changed to raw_smp_processor_id() so that a lock is held while getting the processor ID. As a result, correct operations are now allowed without any console warnings being produced. (BZ#1235304) * In the NFSv4 file system, non-standard usage of the write_seqcount_{begin,end}() functions were used, which caused the realtime code to try to sleep while locks were held. As a consequence, the "scheduling while atomic" error messages were returned. The underlying source code has been modified to use the __write_seqcount_{begin,end}() functions that do not hold any locks, allowing correct execution of realtime. (BZ#1235301) All kernel-rt users are advised to upgrade to these updated packages, which correct these issues and add these enhancements. The system must be rebooted for this update to take effect.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated kernel-rt packages that fix multiple security issues, several bugs,\nand add various enhancements are now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An integer overflow flaw was found in the way the Linux kernel\u0027s\nnetfilter connection tracking implementation loaded extensions. An attacker\non a local network could potentially send a sequence of specially crafted\npackets that would initiate the loading of a large number of extensions,\ncausing the targeted system in that network to crash. (CVE-2014-9715,\nModerate)\n\n* A stack-based buffer overflow flaw was found in the Linux kernel\u0027s early\nload microcode functionality. On a system with UEFI Secure Boot enabled, a\nlocal, privileged user could use this flaw to increase their privileges to\nthe kernel (ring0) level, bypassing intended restrictions in place.\n(CVE-2015-2666, Moderate)\n\n* It was found that the Linux kernel\u0027s ping socket implementation did not\nproperly handle socket unhashing during spurious disconnects, which could\nlead to a use-after-free flaw. On x86-64 architecture systems, a local user\nable to create ping sockets could use this flaw to crash the system.\nOn non-x86-64 architecture systems, a local user able to create ping\nsockets could use this flaw to escalate their privileges on the system.\n(CVE-2015-3636, Moderate)\n\n* It was found that the Linux kernel\u0027s TCP/IP protocol suite implementation\nfor IPv6 allowed the Hop Limit value to be set to a smaller value than the\ndefault one. An attacker on a local network could use this flaw to prevent\nsystems on that network from sending or receiving network packets.\n(CVE-2015-2922, Low)\n\nRed Hat would like to thank Nathan Hoad for reporting the CVE-2014-9715\nissue.\n\nThe kernel-rt packages have been upgraded to version 3.10.0-229.11.1, which\nprovides a number of bug fixes and enhancements over the previous version,\nincluding:\n\n* drbg: Add stdrng alias and increase priority\n* seqiv / eseqiv / chainiv: Move IV seeding into init function\n* ipv4: kABI fix for 0bbf87d backport\n* ipv4: Convert ipv4.ip_local_port_range to be per netns\n* libceph: tcp_nodelay support\n* ipr: Increase default adapter init stage change timeout\n* fix use-after-free bug in usb_hcd_unlink_urb()\n* libceph: fix double __remove_osd() problem\n* ext4: fix data corruption caused by unwritten and delayed extents\n* sunrpc: Add missing support for RPC_CLNT_CREATE_NO_RETRANS_TIMEOUT\n* nfs: Fixing lease renewal (Benjamin Coddington)\n* control hard lockup detection default\n* Fix print-once on enable\n* watchdog: update watchdog_thresh properly and watchdog attributes\n  atomically\n* module: Call module notifier on failure after complete_formation()\n\n(BZ#1234470)\n\nThis update also fixes the following bugs:\n\n* The megasas driver used the smp_processor_id() function within a\npreemptible context, which caused warning messages to be returned to the\nconsole. The function has been changed to raw_smp_processor_id() so that a\nlock is held while getting the processor ID. As a result, correct\noperations are now allowed without any console warnings being produced.\n(BZ#1235304)\n\n* In the NFSv4 file system, non-standard usage of the\nwrite_seqcount_{begin,end}() functions were used, which caused the realtime\ncode to try to sleep while locks were held. As a consequence, the\n\"scheduling while atomic\" error messages were returned. The underlying\nsource code has been modified to use the __write_seqcount_{begin,end}()\nfunctions that do not hold any locks, allowing correct execution of\nrealtime. (BZ#1235301)\n\nAll kernel-rt users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. The system must be\nrebooted for this update to take effect.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2015:1565",
        "url": "https://access.redhat.com/errata/RHSA-2015:1565"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1203712",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203712"
      },
      {
        "category": "external",
        "summary": "1204722",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204722"
      },
      {
        "category": "external",
        "summary": "1208684",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1208684"
      },
      {
        "category": "external",
        "summary": "1218074",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218074"
      },
      {
        "category": "external",
        "summary": "1234470",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1234470"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2015/rhsa-2015_1565.json"
      }
    ],
    "title": "Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update",
    "tracking": {
      "current_release_date": "2024-09-13T10:37:40+00:00",
      "generator": {
        "date": "2024-09-13T10:37:40+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "3.33.3"
        }
      },
      "id": "RHSA-2015:1565",
      "initial_release_date": "2015-08-05T20:13:24+00:00",
      "revision_history": [
        {
          "date": "2015-08-05T20:13:24+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2015-08-05T20:13:24+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-09-13T10:37:40+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Realtime (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Realtime (v. 7)",
                  "product_id": "7Server-RT-7.1.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras_rt:7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_id": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.10.0-229.11.1.rt56.141.11.el7_1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                "product": {
                  "name": "kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_id": "kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace@3.10.0-229.11.1.rt56.141.11.el7_1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                "product": {
                  "name": "kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_id": "kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-devel@3.10.0-229.11.1.rt56.141.11.el7_1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                "product": {
                  "name": "kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_id": "kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.10.0-229.11.1.rt56.141.11.el7_1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                "product": {
                  "name": "kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_id": "kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.10.0-229.11.1.rt56.141.11.el7_1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                "product": {
                  "name": "kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_id": "kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-229.11.1.rt56.141.11.el7_1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_id": "kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.10.0-229.11.1.rt56.141.11.el7_1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                "product": {
                  "name": "kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_id": "kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug@3.10.0-229.11.1.rt56.141.11.el7_1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                "product": {
                  "name": "kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_id": "kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.10.0-229.11.1.rt56.141.11.el7_1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                "product": {
                  "name": "kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_id": "kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.10.0-229.11.1.rt56.141.11.el7_1?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src",
                "product": {
                  "name": "kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src",
                  "product_id": "kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-229.11.1.rt56.141.11.el7_1?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch",
                "product": {
                  "name": "kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch",
                  "product_id": "kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-doc@3.10.0-229.11.1.rt56.141.11.el7_1?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src"
        },
        "product_reference": "kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src",
        "relates_to_product_reference": "7Server-RT-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
        },
        "product_reference": "kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
        "relates_to_product_reference": "7Server-RT-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.1.Z:kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
        "relates_to_product_reference": "7Server-RT-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.1.Z:kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
        "relates_to_product_reference": "7Server-RT-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.1.Z:kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
        "relates_to_product_reference": "7Server-RT-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.1.Z:kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
        "relates_to_product_reference": "7Server-RT-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.1.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
        "relates_to_product_reference": "7Server-RT-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.1.Z:kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
        "relates_to_product_reference": "7Server-RT-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.1.Z:kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch"
        },
        "product_reference": "kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch",
        "relates_to_product_reference": "7Server-RT-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.1.Z:kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
        },
        "product_reference": "kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
        "relates_to_product_reference": "7Server-RT-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.1.Z:kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
        },
        "product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
        "relates_to_product_reference": "7Server-RT-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.1.Z:kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
        },
        "product_reference": "kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
        "relates_to_product_reference": "7Server-RT-7.1.Z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Nathan Hoad"
          ]
        }
      ],
      "cve": "CVE-2014-9715",
      "cwe": {
        "id": "CWE-841",
        "name": "Improper Enforcement of Behavioral Workflow"
      },
      "discovery_date": "2014-05-26T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1208684"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An integer overflow flaw was found in the way the Linux kernel\u0027s netfilter connection tracking implementation loaded extensions. An attacker on a local network could potentially send a sequence of specially crafted packets that would initiate the loading of a large number of extensions, causing the targeted system in that network to crash.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: netfilter connection tracking extensions denial of service",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5 and 6. This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2.\n\nFor additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src",
          "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch",
          "7Server-RT-7.1.Z:kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-9715"
        },
        {
          "category": "external",
          "summary": "RHBZ#1208684",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1208684"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-9715",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-9715"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-9715",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9715"
        }
      ],
      "release_date": "2015-04-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src",
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch",
            "7Server-RT-7.1.Z:kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1565"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.7,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "products": [
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src",
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch",
            "7Server-RT-7.1.Z:kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: netfilter connection tracking extensions denial of service"
    },
    {
      "cve": "CVE-2015-2666",
      "discovery_date": "2015-03-23T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1204722"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stack-based buffer overflow flaw was found in the Linux kernel\u0027s early load microcode functionality. On a system with UEFI Secure Boot enabled, a local, privileged user could use this flaw to increase their privileges to the kernel (ring0) level, bypassing intended restrictions in place.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: execution in the early microcode loader",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enteprise MRG 2. Future kernel and kernel-rt updates for Red Hat Enterprise Linux 7 may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src",
          "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch",
          "7Server-RT-7.1.Z:kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-2666"
        },
        {
          "category": "external",
          "summary": "RHBZ#1204722",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204722"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-2666",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-2666"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-2666",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2666"
        }
      ],
      "release_date": "2015-02-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src",
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch",
            "7Server-RT-7.1.Z:kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1565"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "products": [
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src",
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch",
            "7Server-RT-7.1.Z:kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: execution in the early microcode loader"
    },
    {
      "cve": "CVE-2015-2922",
      "cwe": {
        "id": "CWE-454",
        "name": "External Initialization of Trusted Variables or Data Stores"
      },
      "discovery_date": "2015-03-05T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1203712"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that the Linux kernel\u0027s TCP/IP protocol suite implementation for IPv6 allowed the Hop Limit value to be set to a smaller value than the default one. An attacker on a local network could use this flaw to prevent systems on that network from sending or receiving network packets.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements.",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of the Linux kernel as shipped with\nRed Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2. Future kernel\nupdates for Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2 may\naddress this issue.\n\nRed Hat Enterprise Linux 5 is now in Production 3 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src",
          "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch",
          "7Server-RT-7.1.Z:kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-2922"
        },
        {
          "category": "external",
          "summary": "RHBZ#1203712",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203712"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-2922",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-2922"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-2922",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2922"
        }
      ],
      "release_date": "2015-03-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src",
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch",
            "7Server-RT-7.1.Z:kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1565"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src",
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch",
            "7Server-RT-7.1.Z:kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "kernel: denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements."
    },
    {
      "cve": "CVE-2015-3636",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2015-05-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1218074"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that the Linux kernel\u0027s ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On non-x86-64 architecture systems, a local user able to create ping sockets could use this flaw to escalate their privileges on the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: ping sockets: use-after-free leading to local privilege escalation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect the Linux kernel as shipped with Red Hat Enterprise Linux 5. This issue does affect the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG 2. Future kernel updates for the respective releases will address this issue.\n\nPlease note that on x86-64 architecture systems the impact is limited to local Denial of Service and that the ping sockets functionality is disabled by default (net.ipv4.ping_group_range sysctl is \"1\t0\").",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src",
          "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch",
          "7Server-RT-7.1.Z:kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
          "7Server-RT-7.1.Z:kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-3636"
        },
        {
          "category": "external",
          "summary": "RHBZ#1218074",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218074"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3636",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-3636"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3636",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3636"
        }
      ],
      "release_date": "2015-05-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src",
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch",
            "7Server-RT-7.1.Z:kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1565"
        },
        {
          "category": "workaround",
          "details": "You can check whether ping socket functionality is enabled by examining the net.ipv4.ping_group_range sysctl value:\n\n~]# sysctl net.ipv4.ping_group_range\nnet.ipv4.ping_group_range = 1\t0\n\n\"1 0\" is the default value and disables the ping socket functionality even for root user. Any other value means that the ping socket functionality might be enabled for certain users on the system.\n\nTo mitigate this vulnerability make sure that you either allow the functionality to trusted local users (groups) only or set the net.ipv4.ping_group_range sysctl to the default and disabled state:\n\n~]# sysctl net.ipv4.ping_group_range=\"1 0\"\n\nPlease note that this might prevent some programs relying on this functionality from functioning properly.",
          "product_ids": [
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src",
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch",
            "7Server-RT-7.1.Z:kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.4,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:M/Au:S/C:N/I:N/A:C",
            "version": "2.0"
          },
          "products": [
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.src",
            "7Server-RT-7.1.Z:kernel-rt-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debug-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-doc-0:3.10.0-229.11.1.rt56.141.11.el7_1.noarch",
            "7Server-RT-7.1.Z:kernel-rt-trace-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-debuginfo-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64",
            "7Server-RT-7.1.Z:kernel-rt-trace-devel-0:3.10.0-229.11.1.rt56.141.11.el7_1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: ping sockets: use-after-free leading to local privilege escalation"
    }
  ]
}

cve-2014-9715

Vulnerability from cvelistv5

Published

2015-05-27 10:00

Modified

2024-08-06 13:55

Severity

Summary

include/net/netfilter/nf_conntrack_extend.h in the netfilter subsystem in the Linux kernel before 3.14.5 uses an insufficiently large data type for certain extension data, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via outbound network traffic that triggers extension loading, as demonstrated by configuring a PPTP tunnel in a NAT environment.

References

URL	Tags
http://www.securityfocus.com/bid/73953	vdb-entry, x_refsource_BID
https://github.com/torvalds/linux/commit/223b02d923ecd7c84cf9780bb3686f455d279279	x_refsource_CONFIRM
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.5	x_refsource_CONFIRM
http://marc.info/?l=netfilter-devel&m=140112364215200&w=2	mailing-list, x_refsource_MLIST
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html	x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2015/04/08/1	mailing-list, x_refsource_MLIST
http://www.debian.org/security/2015/dsa-3237	vendor-advisory, x_refsource_DEBIAN
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=223b02d923ecd7c84cf9780bb3686f455d279279	x_refsource_CONFIRM
http://www.securitytracker.com/id/1032415	vdb-entry, x_refsource_SECTRACK
http://rhn.redhat.com/errata/RHSA-2015-1534.html	vendor-advisory, x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1564.html	vendor-advisory, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=1208684	x_refsource_CONFIRM

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.186Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "73953",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/73953"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/223b02d923ecd7c84cf9780bb3686f455d279279"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.5"
          },
          {
            "name": "[netfilter-devel] 20140526 OOPS NULL pointer dereference in nf_nat_setup_info+0x471 (reproductible, 3.14.4)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=netfilter-devel\u0026m=140112364215200\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
          },
          {
            "name": "[oss-security] 20150407 CVE request netfilter connection tracking accounting.",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/04/08/1"
          },
          {
            "name": "DSA-3237",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3237"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=223b02d923ecd7c84cf9780bb3686f455d279279"
          },
          {
            "name": "1032415",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032415"
          },
          {
            "name": "RHSA-2015:1534",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html"
          },
          {
            "name": "RHSA-2015:1564",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1564.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1208684"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-04-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "include/net/netfilter/nf_conntrack_extend.h in the netfilter subsystem in the Linux kernel before 3.14.5 uses an insufficiently large data type for certain extension data, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via outbound network traffic that triggers extension loading, as demonstrated by configuring a PPTP tunnel in a NAT environment."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-29T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "73953",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/73953"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/223b02d923ecd7c84cf9780bb3686f455d279279"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.5"
        },
        {
          "name": "[netfilter-devel] 20140526 OOPS NULL pointer dereference in nf_nat_setup_info+0x471 (reproductible, 3.14.4)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://marc.info/?l=netfilter-devel\u0026m=140112364215200\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
        },
        {
          "name": "[oss-security] 20150407 CVE request netfilter connection tracking accounting.",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/04/08/1"
        },
        {
          "name": "DSA-3237",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3237"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=223b02d923ecd7c84cf9780bb3686f455d279279"
        },
        {
          "name": "1032415",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032415"
        },
        {
          "name": "RHSA-2015:1534",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html"
        },
        {
          "name": "RHSA-2015:1564",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1564.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1208684"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9715",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "include/net/netfilter/nf_conntrack_extend.h in the netfilter subsystem in the Linux kernel before 3.14.5 uses an insufficiently large data type for certain extension data, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via outbound network traffic that triggers extension loading, as demonstrated by configuring a PPTP tunnel in a NAT environment."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "73953",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/73953"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/223b02d923ecd7c84cf9780bb3686f455d279279",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/223b02d923ecd7c84cf9780bb3686f455d279279"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.5",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.5"
            },
            {
              "name": "[netfilter-devel] 20140526 OOPS NULL pointer dereference in nf_nat_setup_info+0x471 (reproductible, 3.14.4)",
              "refsource": "MLIST",
              "url": "http://marc.info/?l=netfilter-devel\u0026m=140112364215200\u0026w=2"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
            },
            {
              "name": "[oss-security] 20150407 CVE request netfilter connection tracking accounting.",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/04/08/1"
            },
            {
              "name": "DSA-3237",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2015/dsa-3237"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=223b02d923ecd7c84cf9780bb3686f455d279279",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=223b02d923ecd7c84cf9780bb3686f455d279279"
            },
            {
              "name": "1032415",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032415"
            },
            {
              "name": "RHSA-2015:1534",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html"
            },
            {
              "name": "RHSA-2015:1564",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1564.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1208684",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1208684"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9715",
    "datePublished": "2015-05-27T10:00:00",
    "dateReserved": "2015-04-08T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.186Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-2666

Vulnerability from cvelistv5

Published

2015-05-27 10:00

Modified

2024-08-06 05:24

Severity

Summary

Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd.

References

URL	Tags
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153329.html	vendor-advisory, x_refsource_FEDORA
http://www.securitytracker.com/id/1032414	vdb-entry, x_refsource_SECTRACK
http://www.openwall.com/lists/oss-security/2015/03/20/18	mailing-list, x_refsource_MLIST
https://github.com/torvalds/linux/commit/f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4	x_refsource_CONFIRM
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4	x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2015-1534.html	vendor-advisory, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=1204722	x_refsource_CONFIRM

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:24:37.938Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2015-4457",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153329.html"
          },
          {
            "name": "1032414",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032414"
          },
          {
            "name": "[oss-security] 20150320 Re: CVE Request: Linux kernel execution in the early microcode loader.",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/03/20/18"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4"
          },
          {
            "name": "RHSA-2015:1534",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204722"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-02-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-29T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "FEDORA-2015-4457",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153329.html"
        },
        {
          "name": "1032414",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032414"
        },
        {
          "name": "[oss-security] 20150320 Re: CVE Request: Linux kernel execution in the early microcode loader.",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/03/20/18"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4"
        },
        {
          "name": "RHSA-2015:1534",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204722"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-2666",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "FEDORA-2015-4457",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153329.html"
            },
            {
              "name": "1032414",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032414"
            },
            {
              "name": "[oss-security] 20150320 Re: CVE Request: Linux kernel execution in the early microcode loader.",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/03/20/18"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4"
            },
            {
              "name": "RHSA-2015:1534",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1204722",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204722"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-2666",
    "datePublished": "2015-05-27T10:00:00",
    "dateReserved": "2015-03-20T00:00:00",
    "dateUpdated": "2024-08-06T05:24:37.938Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-3636

Vulnerability from cvelistv5

Published

2015-08-06 01:00

Modified

2024-08-06 05:47

Severity

Summary

The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect.

References

URL	Tags
http://www.debian.org/security/2015/dsa-3290	vendor-advisory, x_refsource_DEBIAN
http://www.ubuntu.com/usn/USN-2631-1	vendor-advisory, x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2634-1	vendor-advisory, x_refsource_UBUNTU
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html	vendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html	vendor-advisory, x_refsource_SUSE
http://www.ubuntu.com/usn/USN-2632-1	vendor-advisory, x_refsource_UBUNTU
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html	vendor-advisory, x_refsource_SUSE
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158804.html	vendor-advisory, x_refsource_FEDORA
http://www.openwall.com/lists/oss-security/2015/05/02/5	mailing-list, x_refsource_MLIST
http://www.securitytracker.com/id/1033186	vdb-entry, x_refsource_SECTRACK
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html	x_refsource_CONFIRM
https://github.com/torvalds/linux/commit/a134f083e79fb4c3d0a925691e732c56911b4326	x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157897.html	vendor-advisory, x_refsource_FEDORA
http://rhn.redhat.com/errata/RHSA-2015-1643.html	vendor-advisory, x_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html	vendor-advisory, x_refsource_SUSE
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3	x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1218074	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html	vendor-advisory, x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2015-1583.html	vendor-advisory, x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1534.html	vendor-advisory, x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1564.html	vendor-advisory, x_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html	vendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html	vendor-advisory, x_refsource_SUSE
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a134f083e79fb4c3d0a925691e732c56911b4326	x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2015-1221.html	vendor-advisory, x_refsource_REDHAT
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157788.html	vendor-advisory, x_refsource_FEDORA
http://www.ubuntu.com/usn/USN-2633-1	vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/bid/74450	vdb-entry, x_refsource_BID

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:47:57.772Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-3290",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3290"
          },
          {
            "name": "USN-2631-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2631-1"
          },
          {
            "name": "USN-2634-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2634-1"
          },
          {
            "name": "SUSE-SU-2015:1491",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html"
          },
          {
            "name": "SUSE-SU-2015:1489",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html"
          },
          {
            "name": "USN-2632-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2632-1"
          },
          {
            "name": "SUSE-SU-2015:1488",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html"
          },
          {
            "name": "FEDORA-2015-8518",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158804.html"
          },
          {
            "name": "[oss-security] 20150502 CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/05/02/5"
          },
          {
            "name": "1033186",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033186"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/a134f083e79fb4c3d0a925691e732c56911b4326"
          },
          {
            "name": "FEDORA-2015-7736",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157897.html"
          },
          {
            "name": "RHSA-2015:1643",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1643.html"
          },
          {
            "name": "openSUSE-SU-2015:1382",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218074"
          },
          {
            "name": "SUSE-SU-2015:1478",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html"
          },
          {
            "name": "RHSA-2015:1583",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1583.html"
          },
          {
            "name": "RHSA-2015:1534",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html"
          },
          {
            "name": "RHSA-2015:1564",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1564.html"
          },
          {
            "name": "SUSE-SU-2015:1224",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
          },
          {
            "name": "SUSE-SU-2015:1487",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a134f083e79fb4c3d0a925691e732c56911b4326"
          },
          {
            "name": "RHSA-2015:1221",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1221.html"
          },
          {
            "name": "FEDORA-2015-7784",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157788.html"
          },
          {
            "name": "USN-2633-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2633-1"
          },
          {
            "name": "74450",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/74450"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-05-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-3290",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3290"
        },
        {
          "name": "USN-2631-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2631-1"
        },
        {
          "name": "USN-2634-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2634-1"
        },
        {
          "name": "SUSE-SU-2015:1491",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html"
        },
        {
          "name": "SUSE-SU-2015:1489",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html"
        },
        {
          "name": "USN-2632-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2632-1"
        },
        {
          "name": "SUSE-SU-2015:1488",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html"
        },
        {
          "name": "FEDORA-2015-8518",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158804.html"
        },
        {
          "name": "[oss-security] 20150502 CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/05/02/5"
        },
        {
          "name": "1033186",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1033186"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/a134f083e79fb4c3d0a925691e732c56911b4326"
        },
        {
          "name": "FEDORA-2015-7736",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157897.html"
        },
        {
          "name": "RHSA-2015:1643",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1643.html"
        },
        {
          "name": "openSUSE-SU-2015:1382",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218074"
        },
        {
          "name": "SUSE-SU-2015:1478",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html"
        },
        {
          "name": "RHSA-2015:1583",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1583.html"
        },
        {
          "name": "RHSA-2015:1534",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html"
        },
        {
          "name": "RHSA-2015:1564",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1564.html"
        },
        {
          "name": "SUSE-SU-2015:1224",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
        },
        {
          "name": "SUSE-SU-2015:1487",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a134f083e79fb4c3d0a925691e732c56911b4326"
        },
        {
          "name": "RHSA-2015:1221",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1221.html"
        },
        {
          "name": "FEDORA-2015-7784",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157788.html"
        },
        {
          "name": "USN-2633-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2633-1"
        },
        {
          "name": "74450",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/74450"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-3636",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-3290",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2015/dsa-3290"
            },
            {
              "name": "USN-2631-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2631-1"
            },
            {
              "name": "USN-2634-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2634-1"
            },
            {
              "name": "SUSE-SU-2015:1491",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html"
            },
            {
              "name": "SUSE-SU-2015:1489",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html"
            },
            {
              "name": "USN-2632-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2632-1"
            },
            {
              "name": "SUSE-SU-2015:1488",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html"
            },
            {
              "name": "FEDORA-2015-8518",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158804.html"
            },
            {
              "name": "[oss-security] 20150502 CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/05/02/5"
            },
            {
              "name": "1033186",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1033186"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/a134f083e79fb4c3d0a925691e732c56911b4326",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/a134f083e79fb4c3d0a925691e732c56911b4326"
            },
            {
              "name": "FEDORA-2015-7736",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157897.html"
            },
            {
              "name": "RHSA-2015:1643",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1643.html"
            },
            {
              "name": "openSUSE-SU-2015:1382",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1218074",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218074"
            },
            {
              "name": "SUSE-SU-2015:1478",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html"
            },
            {
              "name": "RHSA-2015:1583",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1583.html"
            },
            {
              "name": "RHSA-2015:1534",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html"
            },
            {
              "name": "RHSA-2015:1564",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1564.html"
            },
            {
              "name": "SUSE-SU-2015:1224",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
            },
            {
              "name": "SUSE-SU-2015:1487",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a134f083e79fb4c3d0a925691e732c56911b4326",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a134f083e79fb4c3d0a925691e732c56911b4326"
            },
            {
              "name": "RHSA-2015:1221",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1221.html"
            },
            {
              "name": "FEDORA-2015-7784",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157788.html"
            },
            {
              "name": "USN-2633-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2633-1"
            },
            {
              "name": "74450",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/74450"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-3636",
    "datePublished": "2015-08-06T01:00:00",
    "dateReserved": "2015-05-02T00:00:00",
    "dateUpdated": "2024-08-06T05:47:57.772Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-2922

Vulnerability from cvelistv5

Published

2015-05-27 10:00

Modified

2024-08-06 05:32

Severity

Summary

The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.

References

URL	Tags
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html	vendor-advisory, x_refsource_FEDORA
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html	vendor-advisory, x_refsource_FEDORA
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html	x_refsource_CONFIRM
http://www.debian.org/security/2015/dsa-3237	vendor-advisory, x_refsource_DEBIAN
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html	vendor-advisory, x_refsource_SUSE
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html	vendor-advisory, x_refsource_FEDORA
http://www.securitytracker.com/id/1032417	vdb-entry, x_refsource_SECTRACK
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html	vendor-advisory, x_refsource_SUSE
http://www.openwall.com/lists/oss-security/2015/04/04/2	mailing-list, x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=1203712	x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2015-1534.html	vendor-advisory, x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1564.html	vendor-advisory, x_refsource_REDHAT
https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html	vendor-advisory, x_refsource_SUSE
http://www.securityfocus.com/bid/74315	vdb-entry, x_refsource_BID
http://rhn.redhat.com/errata/RHSA-2015-1221.html	vendor-advisory, x_refsource_REDHAT
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fd99094de2b83d1d4c8457f2c83483b2828e75a	x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html	x_refsource_CONFIRM

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:32:20.794Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2015-6100",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html"
          },
          {
            "name": "FEDORA-2015-6294",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
          },
          {
            "name": "DSA-3237",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3237"
          },
          {
            "name": "openSUSE-SU-2015:1382",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
          },
          {
            "name": "FEDORA-2015-6320",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html"
          },
          {
            "name": "1032417",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032417"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6"
          },
          {
            "name": "SUSE-SU-2015:1478",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html"
          },
          {
            "name": "[oss-security] 20150404 Re: CVE Request : IPv6 Hop limit lowering via RA messages",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/04/04/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203712"
          },
          {
            "name": "RHSA-2015:1534",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html"
          },
          {
            "name": "RHSA-2015:1564",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1564.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a"
          },
          {
            "name": "SUSE-SU-2015:1224",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
          },
          {
            "name": "74315",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/74315"
          },
          {
            "name": "RHSA-2015:1221",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1221.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fd99094de2b83d1d4c8457f2c83483b2828e75a"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-04-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "FEDORA-2015-6100",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html"
        },
        {
          "name": "FEDORA-2015-6294",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
        },
        {
          "name": "DSA-3237",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3237"
        },
        {
          "name": "openSUSE-SU-2015:1382",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
        },
        {
          "name": "FEDORA-2015-6320",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html"
        },
        {
          "name": "1032417",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032417"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6"
        },
        {
          "name": "SUSE-SU-2015:1478",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html"
        },
        {
          "name": "[oss-security] 20150404 Re: CVE Request : IPv6 Hop limit lowering via RA messages",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/04/04/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203712"
        },
        {
          "name": "RHSA-2015:1534",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html"
        },
        {
          "name": "RHSA-2015:1564",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1564.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a"
        },
        {
          "name": "SUSE-SU-2015:1224",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
        },
        {
          "name": "74315",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/74315"
        },
        {
          "name": "RHSA-2015:1221",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1221.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fd99094de2b83d1d4c8457f2c83483b2828e75a"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-2922",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "FEDORA-2015-6100",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html"
            },
            {
              "name": "FEDORA-2015-6294",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
            },
            {
              "name": "DSA-3237",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2015/dsa-3237"
            },
            {
              "name": "openSUSE-SU-2015:1382",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
            },
            {
              "name": "FEDORA-2015-6320",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html"
            },
            {
              "name": "1032417",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032417"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.6"
            },
            {
              "name": "SUSE-SU-2015:1478",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html"
            },
            {
              "name": "[oss-security] 20150404 Re: CVE Request : IPv6 Hop limit lowering via RA messages",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/04/04/2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1203712",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203712"
            },
            {
              "name": "RHSA-2015:1534",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html"
            },
            {
              "name": "RHSA-2015:1564",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1564.html"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/6fd99094de2b83d1d4c8457f2c83483b2828e75a"
            },
            {
              "name": "SUSE-SU-2015:1224",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
            },
            {
              "name": "74315",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/74315"
            },
            {
              "name": "RHSA-2015:1221",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1221.html"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6fd99094de2b83d1d4c8457f2c83483b2828e75a",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6fd99094de2b83d1d4c8457f2c83483b2828e75a"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-2922",
    "datePublished": "2015-05-27T10:00:00",
    "dateReserved": "2015-04-04T00:00:00",
    "dateUpdated": "2024-08-06T05:32:20.794Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Action not permitted

rhsa-2015_1565

Vulnerability from csaf_redhat

cve-2014-9715

Vulnerability from cvelistv5

cve-2015-2666

Vulnerability from cvelistv5

cve-2015-3636

Vulnerability from cvelistv5

cve-2015-2922

Vulnerability from cvelistv5

Tags