Vulnerability Description
A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Ethernet Controller X710 Firmware | <= 5.04 |
| Intel | Ethernet Controller X710-Am2 Sr1Zp | - |
| Intel | Ethernet Controller X710-Am2 Sr1Zq | - |
| Intel | Ethernet Controller X710-Bm2 Sllkb | - |
| Intel | Ethernet Controller X710-Bm2 Sllkc | - |
| Intel | Ethernet Controller Xl710-Am1 Sr1Zm | - |
| Intel | Ethernet Controller Xl710-Am1 Sr1Zn | - |
| Intel | Ethernet Controller Xl710-Am2 Sr1Zk | - |
| Intel | Ethernet Controller Xl710-Am2 Sr1Zl | - |
| Intel | Ethernet Controller Xl710-Bm1 Sllk9 | - |
| Intel | Ethernet Controller Xl710-Bm1 Sllka | - |
| Intel | Ethernet Controller Xl710-Bm2 Sllk7 | - |
| Intel | Ethernet Controller Xl710-Bm2 Sllk8 | - |
| Intel | Ethernet Controller Xl710 Firmware | <= 5.04 |
| Intel | Eth Converged Ntwk Adptr X710-Da2 Ex710Da2G1P5 | - |
| Intel | Eth Converged Ntwk Adptr X710-Da4 Ex710Da4Fhg1P5 | - |
| Intel | Eth Converged Ntwk Adptr X710-Da4 Ex710Da4G1P5 | - |
| Intel | Eth Converged Ntwk Adptr Xl710-Qda1 Exl710Qda1G1P5 | - |
| Intel | Eth Converged Ntwk Adptr Xl710-Qda2 Exl710Qda2G1P5 | - |
| Intel | Ethernet Converged Network Adapter X710-Da2 X710Da2 | - |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg22002507
- http://www.securityfocus.com/bid/95333Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037562
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-cPatchThird Party Advisory
- https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00063&languageiPatchVendor Advisory
- https://security.netapp.com/advisory/ntap-20190731-0001/
- https://support.lenovo.com/us/en/product_security/LEN-12029PatchThird Party Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg22002507
- http://www.securityfocus.com/bid/95333Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037562
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-cPatchThird Party Advisory
- https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00063&languageiPatchVendor Advisory
- https://security.netapp.com/advisory/ntap-20190731-0001/
- https://support.lenovo.com/us/en/product_security/LEN-12029PatchThird Party Advisory
FAQ
What is CVE-2016-8106?
CVE-2016-8106 is a vulnerability with a CVSS score of 5.9 (MEDIUM). A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic workin...
How severe is CVE-2016-8106?
CVE-2016-8106 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-8106?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Ethernet Controller X710 Firmware, Intel Ethernet Controller X710-Am2 Sr1Zp, Intel Ethernet Controller X710-Am2 Sr1Zq, Intel Ethernet Controller X710-Bm2 Sllkb, Intel Ethernet Controller X710-Bm2 Sllkc.