Vulnerability Details CVE-2015-1465
The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which allows remote attackers to cause a denial of service (memory consumption or system crash) via a flood of packets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.077
EPSS Ranking 91.6%
CVSS Severity
CVSS v2 Score 7.8
References
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=df4d92549f23e1c037e83323aff58a21b3de7fe0
- http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.8
- http://www.openwall.com/lists/oss-security/2015/02/03/13
- http://www.securityfocus.com/bid/72435
- http://www.securitytracker.com/id/1036763
- http://www.ubuntu.com/usn/USN-2545-1
- http://www.ubuntu.com/usn/USN-2546-1
- http://www.ubuntu.com/usn/USN-2562-1
- http://www.ubuntu.com/usn/USN-2563-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1183744
- https://github.com/torvalds/linux/commit/df4d92549f23e1c037e83323aff58a21b3de7fe0
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=df4d92549f23e1c037e83323aff58a21b3de7fe0
- http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.8
- http://www.openwall.com/lists/oss-security/2015/02/03/13
- http://www.securityfocus.com/bid/72435
- http://www.securitytracker.com/id/1036763
- http://www.ubuntu.com/usn/USN-2545-1
- http://www.ubuntu.com/usn/USN-2546-1
- http://www.ubuntu.com/usn/USN-2562-1
- http://www.ubuntu.com/usn/USN-2563-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1183744
- https://github.com/torvalds/linux/commit/df4d92549f23e1c037e83323aff58a21b3de7fe0
Products affected by CVE-2015-1465
-
cpe:2.3:o:canonical:ubuntu_linux:12.04
-
cpe:2.3:o:canonical:ubuntu_linux:14.04
-
cpe:2.3:o:canonical:ubuntu_linux:14.10
-
cpe:2.3:o:linux:linux_kernel:3.10.50
-
cpe:2.3:o:linux:linux_kernel:3.10.51
-
cpe:2.3:o:linux:linux_kernel:3.10.52
-
cpe:2.3:o:linux:linux_kernel:3.10.53
-
cpe:2.3:o:linux:linux_kernel:3.10.54
-
cpe:2.3:o:linux:linux_kernel:3.10.55
-
cpe:2.3:o:linux:linux_kernel:3.10.56
-
cpe:2.3:o:linux:linux_kernel:3.10.57
-
cpe:2.3:o:linux:linux_kernel:3.10.58
-
cpe:2.3:o:linux:linux_kernel:3.10.59
-
cpe:2.3:o:linux:linux_kernel:3.10.60
-
cpe:2.3:o:linux:linux_kernel:3.10.61
-
cpe:2.3:o:linux:linux_kernel:3.10.62
-
cpe:2.3:o:linux:linux_kernel:3.10.63
-
cpe:2.3:o:linux:linux_kernel:3.10.64
-
cpe:2.3:o:linux:linux_kernel:3.10.65
-
cpe:2.3:o:linux:linux_kernel:3.10.66
-
cpe:2.3:o:linux:linux_kernel:3.10.67
-
cpe:2.3:o:linux:linux_kernel:3.10.68
-
cpe:2.3:o:linux:linux_kernel:3.10.69
-
cpe:2.3:o:linux:linux_kernel:3.12.26
-
cpe:2.3:o:linux:linux_kernel:3.12.27
-
cpe:2.3:o:linux:linux_kernel:3.12.28
-
cpe:2.3:o:linux:linux_kernel:3.12.29
-
cpe:2.3:o:linux:linux_kernel:3.12.30
-
cpe:2.3:o:linux:linux_kernel:3.12.31
-
cpe:2.3:o:linux:linux_kernel:3.12.32
-
cpe:2.3:o:linux:linux_kernel:3.12.33
-
cpe:2.3:o:linux:linux_kernel:3.12.34
-
cpe:2.3:o:linux:linux_kernel:3.12.35
-
cpe:2.3:o:linux:linux_kernel:3.12.36
-
cpe:2.3:o:linux:linux_kernel:3.12.37
-
cpe:2.3:o:linux:linux_kernel:3.14.14
-
cpe:2.3:o:linux:linux_kernel:3.14.15
-
cpe:2.3:o:linux:linux_kernel:3.14.16
-
cpe:2.3:o:linux:linux_kernel:3.14.17
-
cpe:2.3:o:linux:linux_kernel:3.14.18
-
cpe:2.3:o:linux:linux_kernel:3.14.19
-
cpe:2.3:o:linux:linux_kernel:3.14.20
-
cpe:2.3:o:linux:linux_kernel:3.14.21
-
cpe:2.3:o:linux:linux_kernel:3.14.22
-
cpe:2.3:o:linux:linux_kernel:3.14.23
-
cpe:2.3:o:linux:linux_kernel:3.14.24
-
cpe:2.3:o:linux:linux_kernel:3.14.25
-
cpe:2.3:o:linux:linux_kernel:3.14.26
-
cpe:2.3:o:linux:linux_kernel:3.14.27
-
cpe:2.3:o:linux:linux_kernel:3.14.28
-
cpe:2.3:o:linux:linux_kernel:3.14.29
-
cpe:2.3:o:linux:linux_kernel:3.14.30
-
cpe:2.3:o:linux:linux_kernel:3.14.31
-
cpe:2.3:o:linux:linux_kernel:3.14.32
-
cpe:2.3:o:linux:linux_kernel:3.14.33
-
cpe:2.3:o:linux:linux_kernel:3.15.10
-
cpe:2.3:o:linux:linux_kernel:3.15.7
-
cpe:2.3:o:linux:linux_kernel:3.15.8
-
cpe:2.3:o:linux:linux_kernel:3.15.9
-
cpe:2.3:o:linux:linux_kernel:3.16
-
cpe:2.3:o:linux:linux_kernel:3.16.0
-
cpe:2.3:o:linux:linux_kernel:3.16.1
-
cpe:2.3:o:linux:linux_kernel:3.16.2
-
cpe:2.3:o:linux:linux_kernel:3.16.3
-
cpe:2.3:o:linux:linux_kernel:3.16.4
-
cpe:2.3:o:linux:linux_kernel:3.16.5
-
cpe:2.3:o:linux:linux_kernel:3.16.6
-
cpe:2.3:o:linux:linux_kernel:3.16.7
-
cpe:2.3:o:linux:linux_kernel:3.17
-
cpe:2.3:o:linux:linux_kernel:3.17.1
-
cpe:2.3:o:linux:linux_kernel:3.17.2
-
cpe:2.3:o:linux:linux_kernel:3.17.3
-
cpe:2.3:o:linux:linux_kernel:3.17.4
-
cpe:2.3:o:linux:linux_kernel:3.17.5
-
cpe:2.3:o:linux:linux_kernel:3.17.6
-
cpe:2.3:o:linux:linux_kernel:3.17.7
-
cpe:2.3:o:linux:linux_kernel:3.17.8
-
cpe:2.3:o:linux:linux_kernel:3.18
-
cpe:2.3:o:linux:linux_kernel:3.18.0
-
cpe:2.3:o:linux:linux_kernel:3.18.1
-
cpe:2.3:o:linux:linux_kernel:3.18.2
-
cpe:2.3:o:linux:linux_kernel:3.18.3
-
cpe:2.3:o:linux:linux_kernel:3.18.4
-
cpe:2.3:o:linux:linux_kernel:3.18.5
-
cpe:2.3:o:linux:linux_kernel:3.18.6
-
cpe:2.3:o:linux:linux_kernel:3.18.7