← Back to team overview

touch-packages team mailing list archive

[Bug 1450066] Re: IPv6 hop limit set to 0

 

This issue may be resolved by providing a newer version of
networkmanager (>= 0.9.10.2)

In this version a patch was introduced to mitigate CVE-2015-2922 (don't allow setting the HL smaller than it was before)
This patch also makes sure a HL < 10 does not get set.

[ 1 ] The changelog of version 0.9.10.2
         http://www.pro-linux.de/sicherheit/2/print/30542/index.html

[ 2 ] CVE-2015-2922 kernel: denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements.
        https://access.redhat.com/security/cve/CVE-2015-2922

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-2922

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1450066

Title:
  IPv6 hop limit set to 0

Status in network-manager package in Ubuntu:
  Triaged
Status in network-manager source package in Vivid:
  Triaged

Bug description:
  On upgrading from Ubuntu 14.10 to 15.04 I found that my IPv6
  networking no longer worked. It turned out that this was because my
  hop limit was set to zero:

  # sysctl -a | fgrep eth0.hop_limit
  net.ipv6.conf.eth0.hop_limit = 0

  which in turn seems to have been cause by a known problem in the
  network manager:

  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756534
  https://bugzilla.gnome.org/show_bug.cgi?id=737252

  Since this has already been fixed in the GNOME project, can Ubuntu
  15.04 please take the upstream fix?

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1450066/+subscriptions


References