CVE-2015-0272

Summary

CVE	CVE-2015-0272
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2015-11-17 15:59:00 UTC
Updated	2023-02-13 00:46:00 UTC
Description	GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.

Risk And Classification

Problem Types: NVD-CWE-noinfo

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Canonical	Ubuntu Linux	12.04	All	All	All
Application	Gnome	Networkmanager	All	All	All	All
Application	Gnome	Networkmanager	-	All	All	All
Application	Gnome	Networkmanager	-	All	All	All
Operating System	Oracle	Linux	7	-	All	All
Application	Suse	Linux Enterprise Debuginfo	11	sp2	All	All
Application	Suse	Linux Enterprise Debuginfo	11	sp3	All	All
Application	Suse	Linux Enterprise Debuginfo	11	sp4	All	All
Operating System	Suse	Linux Enterprise Desktop	11	sp3	All	All
Operating System	Suse	Linux Enterprise Desktop	11	sp4	All	All
Operating System	Suse	Linux Enterprise Desktop	12	-	All	All
Operating System	Suse	Linux Enterprise Desktop	12	sp1	All	All
Operating System	Suse	Linux Enterprise Real Time Extension	11	sp3	All	All
Operating System	Suse	Linux Enterprise Real Time Extension	11	sp4	All	All
Operating System	Suse	Linux Enterprise Server	11	-	All	All
Operating System	Suse	Linux Enterprise Server	11	sp2	All	All
Operating System	Suse	Linux Enterprise Server	11	sp3	All	All
Operating System	Suse	Linux Enterprise Server	11	sp3	All	All
Operating System	Suse	Linux Enterprise Server	11	sp4	All	All
Operating System	Suse	Linux Enterprise Server	12	-	All	All
Operating System	Suse	Linux Enterprise Server	12	sp1	All	All
Operating System	Suse	Linux Enterprise Software Development Kit	11	sp3	All	All
Operating System	Suse	Linux Enterprise Software Development Kit	11	sp4	All	All
Operating System	Suse	Linux Enterprise Software Development Kit	12	-	All	All
Operating System	Suse	Linux Enterprise Software Development Kit	12	sp1	All	All
Operating System	Suse	Linux Enterprise Workstation Extension	12	All	All	All
Operating System	Suse	Linux Enterprise Workstation Extension	12	sp1	All	All

References

Reference	Source	Link	Tags
[security-announce] SUSE-SU-2015:2350-1: important: Security update for	SUSE	lists.opensuse.org
[security-announce] SUSE-SU-2016:0354-1: important: Security update for	SUSE	lists.opensuse.org
access.redhat.com \| CVE-2015-0272	MISC	access.redhat.com
Red Hat Customer Portal	MISC	access.redhat.com
[security-announce] SUSE-SU-2015:2108-1: important: Security update for	SUSE	lists.opensuse.org
[security-announce] SUSE-SU-2016:2074-1: important: Security update for	SUSE	lists.opensuse.org
[security-announce] SUSE-SU-2015:2194-1: important: Security update for	SUSE	lists.opensuse.org
[security-announce] SUSE-SU-2015:2339-1: important: Security update for	SUSE	lists.opensuse.org
Oracle Linux Bulletin - October 2015	CONFIRM	www.oracle.com
GNOME NetworkManager 'ipv6/addrconf.c' Denial of Service Vulnerability	BID	www.securityfocus.com	Third Party Advisory, VDB Entry
USN-2792-1: Linux kernel vulnerabilities \| Ubuntu	UBUNTU	www.ubuntu.com
[security-announce] SUSE-SU-2015:2292-1: important: Security update for	SUSE	lists.opensuse.org
NetworkManager/NetworkManager - Network connection manager and user applications (mirrored from https://gitlab.freedesktop.org/NetworkManager/NetworkManager)	CONFIRM	cgit.freedesktop.org	Issue Tracking, Patch
Bug 1192132 – CVE-2015-0272 kernel/NetworkManager: remote DoS using IPv6 RA with bogus MTU	CONFIRM	bugzilla.redhat.com	Issue Tracking
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.