An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue A flaw was discovered in the Linux kernel's implementation of IPv6 router advertisement handling. Under low-memory-free conditions a kmalloc request may fail leaving the system to crash shortly after with a null pointer dereference. The attacker must be able to send IPv6 RA packets to this host, most routers will not forward these packets requiring the attacker to be on the local network.
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center