CVE-2016-8666
kernel: Remotely triggerable recursion in GRE code leading to kernel crash
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039.
La pila IP en el kernel de Linux en versiones anteriores a 4.6 permite a atacantes remotos provocar una denegación de servicio (consumo de pila y pánico) o tener otro posible impacto no especificado desencadenando uso de la ruta GRO para paquetes con apilamiento en túnel, como se demuestra por cabeceras IPv4 y cabeceras GRE intercaladas, un problema relacionado con CVE-2016-7039.
A flaw was found in the way the Linux kernel's networking subsystem handled offloaded packets with multiple layers of encapsulation in the GRO (Generic Receive Offload) code path. A remote attacker could use this flaw to trigger unbounded recursion in the kernel that could lead to stack corruption, resulting in a system crash.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-10-14 CVE Reserved
- 2016-10-16 CVE Published
- 2024-01-17 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
- CWE-674: Uncontrolled Recursion
CAPEC
References (13)
| URL | Tag | Source |
|---|---|---|
| http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fac8e0f579695a3ecbc4d3cac369139d7f819971 | X_refsource_confirm | |
| http://www.openwall.com/lists/oss-security/2016/10/13/11 | Mailing List |
|
| http://www.securityfocus.com/bid/93562 | Vdb Entry | |
| https://bto.bluecoat.com/security-advisory/sa134 | X_refsource_confirm | |
| https://bugzilla.suse.com/show_bug.cgi?id=1001486 | X_refsource_confirm | |
| https://github.com/torvalds/linux/commit/fac8e0f579695a3ecbc4d3cac369139d7f819971 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2016-2047.html | 2023-11-07 | |
| http://rhn.redhat.com/errata/RHSA-2016-2107.html | 2023-11-07 | |
| http://rhn.redhat.com/errata/RHSA-2016-2110.html | 2023-11-07 | |
| http://rhn.redhat.com/errata/RHSA-2017-0004.html | 2023-11-07 | |
| https://access.redhat.com/errata/RHSA-2017:0372 | 2023-11-07 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1384991 | 2017-03-02 | |
| https://access.redhat.com/security/cve/CVE-2016-8666 | 2017-03-02 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.14 < 3.16.35 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 3.16.35" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.17 < 3.18.47 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.17 < 3.18.47" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.19 < 4.1.38 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.19 < 4.1.38" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.2 < 4.4.29 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.2 < 4.4.29" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.5 < 4.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.5 < 4.6" | - |
Affected
| ||||||