CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
Percentile
69.9%
The Linux kernel, when using IPv6, allows remote attackers to determine
whether a host is sniffing the network by sending an ICMPv6 Echo Request to
a multicast address and determining whether an Echo Reply is sent, as
demonstrated by thcping.
Author | Note |
---|---|
henrix | no upstream fix yet. also, RH has rated this issue as having low security impact and is not planning to address it. |
mdeslaur | this is a minor issue, we don’t plan on fixing this with a security update. |