CVE-2016-8106

Impact:
Moderate
Public Date:
2017-01-09
Bugzilla:
1386646: CVE-2016-8106 kernel: DoS of Intel Ethernet controllers after a period of IPv6 fragment flood
It was found that Intel® Ethernet Controller X710 family and Intel® Ethernet Controller XL710 family of products (aka Fortville) can possibly lock up and not receive any packets after a period of IPv6 fragment flood.

Find out more about CVE-2016-8106 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

None of the Red Hat's products are affected as the flaw was found in the Intel network card Non-Volatile Flash Memory (NVM) image (firmware).

CVSS v2 metrics

NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.

Base Score 4.3
Base Metrics AV:N/AC:M/Au:N/C:N/I:N/A:P
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial

CVSS v3 metrics

NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.

CVSS3 Base Score 5.9
CVSS3 Base Metrics CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector Network
Attack Complexity High
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality None
Integrity Impact None
Availability Impact High

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 realtime-kernel Not affected
Red Hat Enterprise Linux 7 kernel-rt Not affected
Red Hat Enterprise Linux 7 kernel Not affected
Red Hat Enterprise Linux 6 kernel Not affected
Red Hat Enterprise Linux 5 kernel Not affected

Last Modified
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.