CVE-2016-7039
kernel: remotely triggerable unbounded recursion in the vlan gro code leading to a kernel crash
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a related issue to CVE-2016-8666.
La pila IP en el kernel de Linux hasta la versión 4.8.2 permite a atacantes remotos provocar una denegación de servicio (consumo de pila y pánico) o tener otro posible impacto no especificado desencadenando uso de la ruta GRO para paquetes grandes manipulados, como se demuestra por los paquetes que contienen solo cabeceras VLAN, un problema relacionado con CVE-2016-8666.
Linux kernel built with the 802.1Q/802.1ad VLAN(CONFIG_VLAN_8021Q) OR Virtual eXtensible Local Area Network(CONFIG_VXLAN) with Transparent Ethernet Bridging(TEB) GRO support, is vulnerable to a stack overflow issue. It could occur while receiving large packets via GRO path, as an unlimited recursion could unfold in both VLAN and TEB modules, leading to a stack corruption in the kernel.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-08-23 CVE Reserved
- 2016-10-12 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-08 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
- CWE-674: Uncontrolled Recursion
CAPEC
References (12)
| URL | Tag | Source |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html | Third Party Advisory |
|
| http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html | Third Party Advisory |
|
| http://www.securityfocus.com/bid/93476 | Third Party Advisory | |
| https://bto.bluecoat.com/security-advisory/sa134 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2016/10/10/15 | 2023-01-17 | |
| https://patchwork.ozlabs.org/patch/680412 | 2023-01-17 |
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2016-2047.html | 2023-01-17 | |
| http://rhn.redhat.com/errata/RHSA-2016-2107.html | 2023-01-17 | |
| http://rhn.redhat.com/errata/RHSA-2016-2110.html | 2023-01-17 | |
| https://access.redhat.com/errata/RHSA-2017:0372 | 2023-01-17 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1375944 | 2017-03-02 | |
| https://access.redhat.com/security/cve/CVE-2016-7039 | 2017-03-02 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Oracle Search vendor "Oracle" | Linux Search vendor "Oracle" for product "Linux" | 6 Search vendor "Oracle" for product "Linux" and version "6" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Linux Search vendor "Oracle" for product "Linux" | 7 Search vendor "Oracle" for product "Linux" and version "7" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Vm Server Search vendor "Oracle" for product "Vm Server" | 3.4 Search vendor "Oracle" for product "Vm Server" and version "3.4" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.0 < 4.1.37 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.0 < 4.1.37" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.2 < 4.4.32 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.2 < 4.4.32" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.5 < 4.8.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.5 < 4.8.8" | - |
Affected
| ||||||