CVE-2016-7039

CVSS v3.1 7.5 (High)

CVSS v2.0 7.8 (High)

EPSS 0.84 % (83^th)

Affected Products 3

Advisories 13

The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a related issue to CVE-2016-8666.

Weaknesses

CWE-399: Resource Management Errors

Related CVEs

CVE-2016-8666

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2016-10-16 21:59:09
(8 years ago)
Updated Date: 2023-01-17 21:36:18
(20 months ago)

Affected Products

Linux

Linux Kernel

Oracle

Configuration #1

		CPE23	From	Up To
	Oracle Linux 6	cpe:2.3:o:oracle:linux:6
	Oracle Linux 7	cpe:2.3:o:oracle:linux:7
	Oracle Vm Server 3.4	cpe:2.3:o:oracle:vm_server:3.4

Configuration #2

	CPE23	From	Up To
Linux Kernel from 4.0 version and prior 4.1.37 version	cpe:2.3:o:linux:linux_kernel	>= 4.0	< 4.1.37
Linux Kernel from 4.2 version and prior 4.4.32 version	cpe:2.3:o:linux:linux_kernel	>= 4.2	< 4.4.32
Linux Kernel from 4.5 version and prior 4.8.8 version	cpe:2.3:o:linux:linux_kernel	>= 4.5	< 4.8.8