Vulnerabilities > CVE-2015-7516 - NULL Pointer Dereference vulnerability in Onosproject Onos
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
ONOS before 1.5.0 when using the ifwd app allows remote attackers to cause a denial of service (NULL pointer dereference and switch disconnect) by sending two Ethernet frames with ether_type Jumbo Frame (0x8870).
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 18 |
Common Weakness Enumeration (CWE)
References
- http://www.openwall.com/lists/oss-security/2015/11/26/1
- http://www.openwall.com/lists/oss-security/2015/11/26/1
- http://www.securityfocus.com/bid/77752
- http://www.securityfocus.com/bid/77752
- https://gerrit.onosproject.org/#/c/6137/
- https://gerrit.onosproject.org/#/c/6137/
- https://jira.onosproject.org/browse/ONOS-3349
- https://jira.onosproject.org/browse/ONOS-3349
- https://wiki.onosproject.org/display/ONOS/Security+advisories
- https://wiki.onosproject.org/display/ONOS/Security+advisories