CVE-2015-2923: 
vSphere ESXi Hypervisor vulnerability analysis and mitigation

CVE-2015-2923 affects the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through version 10.1. The vulnerability was discovered and disclosed in April 2015, with the security advisory being released on April 7, 2015. The vulnerability allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message (FreeBSD Advisory, MITRE CVE).

The vulnerability exists in the IPv6 Neighbor Discovery protocol implementation where the system accepts and processes Router Advertisement messages containing hop limit values. The CVSS v2.0 base score is 3.3 (LOW) with vector (AV:A/AC:L/Au:N/C:N/I:N/A:P), while the CVSS v3.1 base score is 6.5 (MEDIUM) with vector CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. The vulnerability is classified as CWE-20 (Improper Input Validation) (MITRE CVE).

When exploited, this vulnerability can cause IPv6 packets to be dropped before reaching their intended destinations. An attacker on the local network can cause affected FreeBSD systems to lose the ability to communicate with other IPv6 nodes on different networks by sending specifically crafted Router Advertisement packets (FreeBSD Advisory).

As a workaround, system administrators can disable acceptance of Router Advertisements from untrusted networks on a per-interface basis by removing the accept_rtadv flag using the command 'ifconfig em0 inet6 -accept_rtadv'. For a permanent fix, users should upgrade to patched versions of FreeBSD or apply the security patch provided in the advisory. The fix was implemented in FreeBSD versions 10.1-RELEASE-p9, 9.3-RELEASE-p13, and 8.4-RELEASE-p27 (FreeBSD Advisory).