CVE-2015-1465

CVSS v2.0 7.8 (High)

EPSS 11.58 % (95^th)

Affected Products 2

Advisories 10

The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which allows remote attackers to cause a denial of service (memory consumption or system crash) via a flood of packets.

Weaknesses

CWE-17: DEPRECATED: Code

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2015-04-05 21:59:01
(9 years ago)
Updated Date: 2023-11-07 02:24:49
(10 months ago)

Affected Products

Canonical

Ubuntu Linux

Linux

Linux Kernel

Configuration #1

	CPE23	From	Up To
Linux Kernel from 3.10.50 version and prior 3.10.70 version	cpe:2.3:o:linux:linux_kernel	>= 3.10.50	< 3.10.70
Linux Kernel from 3.12.26 version and prior 3.12.38 version	cpe:2.3:o:linux:linux_kernel	>= 3.12.26	< 3.12.38
Linux Kernel from 3.14.14 version and prior 3.14.34 version	cpe:2.3:o:linux:linux_kernel	>= 3.14.14	< 3.14.34
Linux Kernel from 3.15.7 version and prior 3.16.35 version	cpe:2.3:o:linux:linux_kernel	>= 3.15.7	< 3.16.35
Linux Kernel from 3.17 version and prior 3.18.8 version	cpe:2.3:o:linux:linux_kernel	>= 3.17	< 3.18.8

Configuration #2

		CPE23	From	Up To
	Canonical Ubuntu Linux 12.04	cpe:2.3:o:canonical:ubuntu_linux:12.04:::*:-
	Canonical Ubuntu Linux 14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04:::*:esm
	Canonical Ubuntu Linux 14.10	cpe:2.3:o:canonical:ubuntu_linux:14.10