CVE-2015-2924

The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in NetworkManager 1.x allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message, a similar issue to CVE-2015-2922.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.3 UNKNOWN
ADJACENT_NETWORK
LOW
AV:A/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
Affected Products (NVD)
VendorProductVersion
networkmanager_projectnetworkmanager
𝑥
≤ 1.0.7
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
network-manager
bookworm
1.42.4-1
fixed
bullseye
1.30.6-1+deb11u1
fixed
jessie
no-dsa
sid
1.50.0-1
fixed
squeeze
no-dsa
trixie
1.50.0-1
fixed
wheezy
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
network-manager
lucid
ignored
precise
not-affected
trusty
dne
utopic
ignored
vivid
ignored
wily
not-affected
xenial
not-affected
yakkety
not-affected
zesty
not-affected
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
NetworkManager
suse enterprise desktop 12 SP2
1.0.12-8.6
fixed
suse enterprise desktop 12 SP3
1.0.12-12.4
fixed
suse enterprise desktop 12 SP4
1.0.12-13.6.1
fixed
suse enterprise desktop 15
1.10.6-3.16
fixed
suse enterprise desktop 15 SP1
1.10.6-5.3.1
fixed
suse enterprise desktop 15 SP2
1.22.6-1.36
fixed
suse enterprise sap 12 SP2
1.0.12-8.6
fixed
suse enterprise sap 12 SP3
1.0.12-12.4
fixed
suse enterprise sap 12 SP4
1.0.12-13.6.1
fixed
suse enterprise sap 12 SP5
1.0.12-13.12.1
fixed
suse enterprise sap 15
1.10.6-3.16
fixed
suse enterprise sap 15 SP1
1.10.6-5.3.1
fixed
suse enterprise sap 15 SP2
1.22.6-1.36
fixed
suse enterprise server 12 SP2
1.0.12-8.6
fixed
suse enterprise server 12 SP3
1.0.12-12.4
fixed
suse enterprise server 12 SP4
1.0.12-13.6.1
fixed
suse enterprise server 12 SP5
1.0.12-13.12.1
fixed
suse enterprise server 15
1.10.6-3.16
fixed
suse enterprise server 15 SP1
1.10.6-5.3.1
fixed
suse enterprise server 15 SP2
1.22.6-1.36
fixed
suse enterprise workstation 12 SP2
1.0.12-8.6
fixed
suse enterprise workstation 12 SP3
1.0.12-12.4
fixed
suse enterprise workstation 12 SP4
1.0.12-13.6.1
fixed
suse enterprise workstation 12 SP5
1.0.12-13.12.1
fixed
NetworkManager-devel
suse enterprise desktop 15
1.10.6-3.16
fixed
suse enterprise desktop 15 SP1
1.10.6-5.3.1
fixed
suse enterprise desktop 15 SP2
1.22.6-1.36
fixed
suse enterprise desktop 15 SP3
1.22.10-3.7.1
fixed
suse enterprise desktop 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise sap 15
1.10.6-3.16
fixed
suse enterprise sap 15 SP1
1.10.6-5.3.1
fixed
suse enterprise sap 15 SP2
1.22.6-1.36
fixed
suse enterprise sap 15 SP3
1.22.10-3.7.1
fixed
suse enterprise sap 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise server 15
1.10.6-3.16
fixed
suse enterprise server 15 SP1
1.10.6-5.3.1
fixed
suse enterprise server 15 SP2
1.22.6-1.36
fixed
suse enterprise server 15 SP3
1.22.10-3.7.1
fixed
suse enterprise server 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise workstation 15 SP3
1.22.10-3.7.1
fixed
suse enterprise workstation 15 SP4
1.32.12-150400.1.11
fixed
NetworkManager-lang
suse enterprise desktop 12 SP2
1.0.12-8.6
fixed
suse enterprise desktop 12 SP3
1.0.12-12.4
fixed
suse enterprise desktop 12 SP4
1.0.12-13.6.1
fixed
suse enterprise desktop 15 SP3
1.22.10-3.7.1
fixed
suse enterprise desktop 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise sap 12 SP2
1.0.12-8.6
fixed
suse enterprise sap 12 SP3
1.0.12-12.4
fixed
suse enterprise sap 12 SP4
1.0.12-13.6.1
fixed
suse enterprise sap 12 SP5
1.0.12-13.12.1
fixed
suse enterprise sap 15 SP3
1.22.10-3.7.1
fixed
suse enterprise sap 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise server 12 SP2
1.0.12-8.6
fixed
suse enterprise server 12 SP3
1.0.12-12.4
fixed
suse enterprise server 12 SP4
1.0.12-13.6.1
fixed
suse enterprise server 12 SP5
1.0.12-13.12.1
fixed
suse enterprise server 15 SP3
1.22.10-3.7.1
fixed
suse enterprise server 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise workstation 12 SP2
1.0.12-8.6
fixed
suse enterprise workstation 12 SP3
1.0.12-12.4
fixed
suse enterprise workstation 12 SP4
1.0.12-13.6.1
fixed
suse enterprise workstation 12 SP5
1.0.12-13.12.1
fixed
suse enterprise workstation 15 SP3
1.22.10-3.7.1
fixed
suse enterprise workstation 15 SP4
1.32.12-150400.1.11
fixed
libnm-glib-vpn1
suse enterprise desktop 15
1.10.6-3.16
fixed
suse enterprise desktop 15 SP1
1.10.6-5.3.1
fixed
suse enterprise sap 12 SP5
1.0.12-13.12.1
fixed
suse enterprise sap 15
1.10.6-3.16
fixed
suse enterprise sap 15 SP1
1.10.6-5.3.1
fixed
suse enterprise server 12 SP2
1.0.12-8.6
fixed
suse enterprise server 12 SP5
1.0.12-13.12.1
fixed
suse enterprise server 15
1.10.6-3.16
fixed
suse enterprise server 15 SP1
1.10.6-5.3.1
fixed
libnm-glib4
suse enterprise desktop 15
1.10.6-3.16
fixed
suse enterprise desktop 15 SP1
1.10.6-5.3.1
fixed
suse enterprise sap 12 SP5
1.0.12-13.12.1
fixed
suse enterprise sap 15
1.10.6-3.16
fixed
suse enterprise sap 15 SP1
1.10.6-5.3.1
fixed
suse enterprise server 12 SP2
1.0.12-8.6
fixed
suse enterprise server 12 SP5
1.0.12-13.12.1
fixed
suse enterprise server 15
1.10.6-3.16
fixed
suse enterprise server 15 SP1
1.10.6-5.3.1
fixed
libnm-util2
suse enterprise desktop 15
1.10.6-3.16
fixed
suse enterprise desktop 15 SP1
1.10.6-5.3.1
fixed
suse enterprise sap 12 SP5
1.0.12-13.12.1
fixed
suse enterprise sap 15
1.10.6-3.16
fixed
suse enterprise sap 15 SP1
1.10.6-5.3.1
fixed
suse enterprise server 12 SP2
1.0.12-8.6
fixed
suse enterprise server 12 SP5
1.0.12-13.12.1
fixed
suse enterprise server 15
1.10.6-3.16
fixed
suse enterprise server 15 SP1
1.10.6-5.3.1
fixed
libnm0
suse enterprise desktop 15
1.10.6-3.16
fixed
suse enterprise desktop 15 SP1
1.10.6-5.3.1
fixed
suse enterprise desktop 15 SP2
1.22.6-1.36
fixed
suse enterprise desktop 15 SP3
1.22.10-3.7.1
fixed
suse enterprise desktop 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise desktop 15 SP5
1.38.6-150500.1.2
fixed
suse enterprise desktop 15 SP6
1.44.2-150600.1.7
fixed
suse enterprise desktop 15 SP7
1.44.2-150600.3.2.1
fixed
suse enterprise sap 12 SP5
1.0.12-13.12.1
fixed
suse enterprise sap 15
1.10.6-3.16
fixed
suse enterprise sap 15 SP1
1.10.6-5.3.1
fixed
suse enterprise sap 15 SP2
1.22.6-1.36
fixed
suse enterprise sap 15 SP3
1.22.10-3.7.1
fixed
suse enterprise sap 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise sap 15 SP5
1.38.6-150500.1.2
fixed
suse enterprise sap 15 SP6
1.44.2-150600.1.7
fixed
suse enterprise sap 15 SP7
1.44.2-150600.3.2.1
fixed
suse enterprise server 12 SP2
1.0.12-8.6
fixed
suse enterprise server 12 SP5
1.0.12-13.12.1
fixed
suse enterprise server 15
1.10.6-3.16
fixed
suse enterprise server 15 SP1
1.10.6-5.3.1
fixed
suse enterprise server 15 SP2
1.22.6-1.36
fixed
suse enterprise server 15 SP3
1.22.10-3.7.1
fixed
suse enterprise server 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise server 15 SP5
1.38.6-150500.1.2
fixed
suse enterprise server 15 SP6
1.44.2-150600.1.7
fixed
suse enterprise server 15 SP7
1.44.2-150600.3.2.1
fixed
typelib-1_0-NM-1_0
suse enterprise desktop 12 SP2
1.0.12-8.6
fixed
suse enterprise desktop 12 SP3
1.0.12-12.4
fixed
suse enterprise desktop 12 SP4
1.0.12-13.6.1
fixed
suse enterprise desktop 15
1.10.6-3.16
fixed
suse enterprise desktop 15 SP1
1.10.6-5.3.1
fixed
suse enterprise desktop 15 SP2
1.22.6-1.36
fixed
suse enterprise desktop 15 SP3
1.22.10-3.7.1
fixed
suse enterprise desktop 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise desktop 15 SP5
1.38.6-150500.1.2
fixed
suse enterprise desktop 15 SP6
1.44.2-150600.1.7
fixed
suse enterprise desktop 15 SP7
1.44.2-150600.3.2.1
fixed
suse enterprise sap 12 SP2
1.0.12-8.6
fixed
suse enterprise sap 12 SP3
1.0.12-12.4
fixed
suse enterprise sap 12 SP4
1.0.12-13.6.1
fixed
suse enterprise sap 12 SP5
1.0.12-13.12.1
fixed
suse enterprise sap 15
1.10.6-3.16
fixed
suse enterprise sap 15 SP1
1.10.6-5.3.1
fixed
suse enterprise sap 15 SP2
1.22.6-1.36
fixed
suse enterprise sap 15 SP3
1.22.10-3.7.1
fixed
suse enterprise sap 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise sap 15 SP5
1.38.6-150500.1.2
fixed
suse enterprise sap 15 SP6
1.44.2-150600.1.7
fixed
suse enterprise sap 15 SP7
1.44.2-150600.3.2.1
fixed
suse enterprise server 12 SP2
1.0.12-8.6
fixed
suse enterprise server 12 SP3
1.0.12-12.4
fixed
suse enterprise server 12 SP4
1.0.12-13.6.1
fixed
suse enterprise server 12 SP5
1.0.12-13.12.1
fixed
suse enterprise server 15
1.10.6-3.16
fixed
suse enterprise server 15 SP1
1.10.6-5.3.1
fixed
suse enterprise server 15 SP2
1.22.6-1.36
fixed
suse enterprise server 15 SP3
1.22.10-3.7.1
fixed
suse enterprise server 15 SP4
1.32.12-150400.1.11
fixed
suse enterprise server 15 SP5
1.38.6-150500.1.2
fixed
suse enterprise server 15 SP6
1.44.2-150600.1.7
fixed
suse enterprise server 15 SP7
1.44.2-150600.3.2.1
fixed
suse enterprise workstation 12 SP2
1.0.12-8.6
fixed
suse enterprise workstation 12 SP3
1.0.12-12.4
fixed
suse enterprise workstation 12 SP4
1.0.12-13.6.1
fixed
suse enterprise workstation 12 SP5
1.0.12-13.12.1
fixed
typelib-1_0-NMClient-1_0
suse enterprise desktop 15
1.10.6-3.16
fixed
suse enterprise desktop 15 SP1
1.10.6-5.3.1
fixed
suse enterprise sap 12 SP5
1.0.12-13.12.1
fixed
suse enterprise sap 15
1.10.6-3.16
fixed
suse enterprise sap 15 SP1
1.10.6-5.3.1
fixed
suse enterprise server 12 SP2
1.0.12-8.6
fixed
suse enterprise server 12 SP5
1.0.12-13.12.1
fixed
suse enterprise server 15
1.10.6-3.16
fixed
suse enterprise server 15 SP1
1.10.6-5.3.1
fixed
typelib-1_0-NetworkManager-1_0
suse enterprise desktop 15
1.10.6-3.16
fixed
suse enterprise desktop 15 SP1
1.10.6-5.3.1
fixed
suse enterprise sap 12 SP5
1.0.12-13.12.1
fixed
suse enterprise sap 15
1.10.6-3.16
fixed
suse enterprise sap 15 SP1
1.10.6-5.3.1
fixed
suse enterprise server 12 SP2
1.0.12-8.6
fixed
suse enterprise server 12 SP5
1.0.12-13.12.1
fixed
suse enterprise server 15
1.10.6-3.16
fixed
suse enterprise server 15 SP1
1.10.6-5.3.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
ModemManager
RHEL 7
0:1.1.0-8.git20130913.el7
fixed
ModemManager-devel
RHEL 7
0:1.1.0-8.git20130913.el7
fixed
ModemManager-glib
RHEL 7
0:1.1.0-8.git20130913.el7
fixed
ModemManager-glib-devel
RHEL 7
0:1.1.0-8.git20130913.el7
fixed
ModemManager-vala
RHEL 7
0:1.1.0-8.git20130913.el7
fixed
NetworkManager
RHEL 7
1:1.0.6-27.el7
fixed
NetworkManager-adsl
RHEL 7
1:1.0.6-27.el7
fixed
NetworkManager-bluetooth
RHEL 7
1:1.0.6-27.el7
fixed
NetworkManager-config-routing-rules
RHEL 7
1:1.0.6-27.el7
fixed
NetworkManager-config-server
RHEL 7
1:1.0.6-27.el7
fixed
NetworkManager-devel
RHEL 7
1:1.0.6-27.el7
fixed
NetworkManager-glib
RHEL 7
1:1.0.6-27.el7
fixed
NetworkManager-glib-devel
RHEL 7
1:1.0.6-27.el7
fixed
NetworkManager-libnm
RHEL 7
1:1.0.6-27.el7
fixed
NetworkManager-libnm-devel
RHEL 7
1:1.0.6-27.el7
fixed
NetworkManager-libreswan
RHEL 7
0:1.0.6-3.el7
fixed
NetworkManager-libreswan-gnome
RHEL 7
0:1.0.6-3.el7
fixed
NetworkManager-team
RHEL 7
1:1.0.6-27.el7
fixed
NetworkManager-tui
RHEL 7
1:1.0.6-27.el7
fixed
NetworkManager-wifi
RHEL 7
1:1.0.6-27.el7
fixed
NetworkManager-wwan
RHEL 7
1:1.0.6-27.el7
fixed
libnm-gtk
RHEL 7
0:1.0.6-2.el7
fixed
libnm-gtk-devel
RHEL 7
0:1.0.6-2.el7
fixed
network-manager-applet
RHEL 7
0:1.0.6-2.el7
fixed
nm-connection-editor
RHEL 7
0:1.0.6-2.el7
fixed
Common Weakness Enumeration
References
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157803.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158103.html
http://openwall.com/lists/oss-security/2015/04/04/2
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/76879
https://security.gentoo.org/glsa/201509-05
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157803.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158103.html
http://openwall.com/lists/oss-security/2015/04/04/2
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/76879
https://security.gentoo.org/glsa/201509-05