CVE-2016-8666

CVSS v3.1 7.5 (High)

CVSS v2.0 7.8 (High)

EPSS 8.75 % (95^th)

Affected Products 1

Advisories 16

The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039.

Weaknesses

CWE-400: Uncontrolled Resource Consumption

Related CVEs

CVE-2016-7039

CVE Status: PUBLISHED
CNA: OpenText
Published Date: 2016-10-16 21:59:15
(8 years ago)
Updated Date: 2023-11-07 02:36:27
(10 months ago)

Affected Products

Linux

Linux Kernel

Configuration #1

	CPE23	From	Up To
Linux Kernel from 3.14 version and prior 3.16.35 version	cpe:2.3:o:linux:linux_kernel	>= 3.14	< 3.16.35
Linux Kernel from 3.17 version and prior 3.18.47 version	cpe:2.3:o:linux:linux_kernel	>= 3.17	< 3.18.47
Linux Kernel from 3.19 version and prior 4.1.38 version	cpe:2.3:o:linux:linux_kernel	>= 3.19	< 4.1.38
Linux Kernel from 4.2 version and prior 4.4.29 version	cpe:2.3:o:linux:linux_kernel	>= 4.2	< 4.4.29
Linux Kernel from 4.5 version and prior 4.6 version	cpe:2.3:o:linux:linux_kernel	>= 4.5	< 4.6