Published: 16/10/2016 Updated: 17/01/2023

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

The IP stack in the Linux kernel up to and including 4.8.2 allows remote malicious users to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a related issue to CVE-2016-8666.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle vm server 3.4
oracle linux 6
oracle linux 7
linux linux kernel

Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, w ...

Synopsis Important: kernel-rt security update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base sc ...

Synopsis Important: kernel-rt security update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise MRG 25Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base sc ...

Several security issues were fixed in the kernel ...

The IP stack in the Linux kernel before 46 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039 (CVE-2016-8666) Li ...

Linux kernel built with the 8021Q/8021ad VLAN(CONFIG_VLAN_8021Q) OR Virtual eXtensible Local Area Network(CONFIG_VXLAN) with Transparent Ethernet Bridging(TEB) GRO support, is vulnerable to a stack overflow issue It could occur while receiving large packets via GRO path, as an unlimited recursion could unfold in both VLAN and TEB modules, leadin ...

CWE-399 https://bugzilla.redhat.com/show_bug.cgi?id=1375944 https://patchwork.ozlabs.org/patch/680412/http://www.openwall.com/lists/oss-security/2016/10/10/15 http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html http://www.securityfocus.com/bid/93476 https://bto.bluecoat.com/security-advisory/sa134 https://access.redhat.com/errata/RHSA-2017:0372 http://rhn.redhat.com/errata/RHSA-2016-2110.html http://rhn.redhat.com/errata/RHSA-2016-2107.html http://rhn.redhat.com/errata/RHSA-2016-2047.html https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2016:2047 https://usn.ubuntu.com/3099-1/

CVE-2016-7039

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect