[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2016-762 ---- kernel perf

ID: oval:org.secpod.oval:def:1600467Date: (C)2016-11-11   (M)2023-12-20
Class: PATCHFamily: unix




The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039 . Linux kernel built with the 802.1Q/802.1ad VLAN OR Virtual eXtensible Local Area Network with Transparent Ethernet Bridging GRO support, is vulnerable to a stack overflow issue. It could occur while receiving large packets via GRO path, as an unlimited recursion could unfold in both VLAN and TEB modules, leading to a stack corruption in the kernel

Platform:
Amazon Linux AMI
Product:
kernel
perf
Reference:
ALAS-2016-762
CVE-2016-8666
CVE-2016-7039
CVE    2
CVE-2016-7039
CVE-2016-8666
CPE    5
cpe:/o:amazon:linux
cpe:/o:linux:linux_kernel:4.5.7
cpe:/o:linux:linux_kernel
cpe:/a:perf:perf
...

© SecPod Technologies