CVE-2016-7039

Published: Oct 16, 2016Modified: May 6, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a related issue to CVE-2016-8666.

Affected (6)

Products: Oracle: Linux, Vm Server · Linux: Linux Kernel

2 products

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Oracle Linux	Version 6
Oracle Linux	Version 7
Oracle Vm Server	Version 3.4

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 4.0 to 4.1.37
Linux Linux Kernel	From 4.2 to 4.4.32
Linux Linux Kernel	From 4.5 to 4.8.8

Related CWEs

References (22)

http://rhn.redhat.com/errata/RHSA-2016-2047.html

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2107.html

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2110.html

Source: cve@mitre.org

Third Party Advisory

http://www.openwall.com/lists/oss-security/2016/10/10/15

Source: cve@mitre.org

Mailing ListPatchThird Party Advisory

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html

Source: cve@mitre.org

Third Party Advisory

http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html

Source: cve@mitre.org

Third Party Advisory

http://www.securityfocus.com/bid/93476

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHSA-2017:0372

Source: cve@mitre.org

Third Party Advisory

https://bto.bluecoat.com/security-advisory/sa134

Source: cve@mitre.org

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1375944

Source: cve@mitre.org

Issue TrackingThird Party Advisory

https://patchwork.ozlabs.org/patch/680412/

Source: cve@mitre.org

Issue TrackingPatch

http://rhn.redhat.com/errata/RHSA-2016-2047.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2107.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2110.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.openwall.com/lists/oss-security/2016/10/10/15

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatchThird Party Advisory

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.securityfocus.com/bid/93476

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHSA-2017:0372

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://bto.bluecoat.com/security-advisory/sa134

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1375944

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

https://patchwork.ozlabs.org/patch/680412/

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatch

Timeline

No history available yet.