Vulnerability Description
The NetKVM Windows Virtio driver allows remote attackers to cause a denial of service (guest crash) via a crafted length value in an IP packet, as demonstrated by a value that does not account for the size of the IP options.
CVSS Score
7.5
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Virtio-Win | - |
Related Weaknesses (CWE)
References
- http://rhn.redhat.com/errata/RHSA-2015-1043.htmlVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2015-1044.htmlVendor Advisory
- https://github.com/YanVugenfirer/kvm-guest-drivers-windows/commit/723416fa4210b7PatchThird Party Advisory
- https://github.com/YanVugenfirer/kvm-guest-drivers-windows/commit/fbfa4d1083ea84PatchThird Party Advisory
- https://www.redhat.com/security/data/cve/CVE-2015-3215.htmlVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2015-1043.htmlVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2015-1044.htmlVendor Advisory
- https://github.com/YanVugenfirer/kvm-guest-drivers-windows/commit/723416fa4210b7PatchThird Party Advisory
- https://github.com/YanVugenfirer/kvm-guest-drivers-windows/commit/fbfa4d1083ea84PatchThird Party Advisory
- https://www.redhat.com/security/data/cve/CVE-2015-3215.htmlVendor Advisory
FAQ
What is CVE-2015-3215?
CVE-2015-3215 is a vulnerability with a CVSS score of 7.5 (HIGH). The NetKVM Windows Virtio driver allows remote attackers to cause a denial of service (guest crash) via a crafted length value in an IP packet, as demonstrated by a value that does not account for the...
How severe is CVE-2015-3215?
CVE-2015-3215 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-3215?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Virtio-Win.