vulnerability
Ubuntu: (CVE-2016-8666): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Oct 16, 2016 | Nov 19, 2024 | Sep 1, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Oct 16, 2016
Added
Nov 19, 2024
Modified
Sep 1, 2025
Description
The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039.
Solutions
ubuntu-upgrade-linuxubuntu-upgrade-linux-lts-trustyubuntu-upgrade-linux-lts-vividubuntu-upgrade-linux-lts-xenialubuntu-upgrade-linux-raspi2ubuntu-upgrade-linux-snapdragon
References
- CVE-2016-8666
- https://attackerkb.com/topics/CVE-2016-8666
- CWE-400
- URL-http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fac8e0f579695a3ecbc4d3cac369139d7f819971
- URL-http://www.openwall.com/lists/oss-security/2016/10/13/11
- URL-http://www.openwall.com/lists/oss-security/2016/10/14/3
- URL-https://bugzilla.redhat.com/show_bug.cgi?id=1384991
- URL-https://bugzilla.suse.com/show_bug.cgi?id=1001486
- URL-https://github.com/torvalds/linux/commit/fac8e0f579695a3ecbc4d3cac369139d7f819971
- URL-https://www.cve.org/CVERecord?id=CVE-2016-8666
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.