CVE-2016-7039 (retired)

Priority
Description
The IP stack in the Linux kernel through 4.8.2 allows remote attackers to
cause a denial of service (stack consumption and panic) or possibly have
unspecified other impact by triggering use of the GRO path for large
crafted packets, as demonstrated by packets that contain only VLAN headers,
a related issue to CVE-2016-8666.
Ubuntu-Description
Vladim√≠r BeneŇ° discovered an unbounded recursion in the VLAN and TEB
Generic Receive Offload (GRO) processing implementations in the Linux
kernel, A remote attacker could use this to cause a stack corruption,
leading to a denial of service (system crash).
Notes
 jdstrand> android kernels (flo, goldfish, grouper, maguro, mako and manta) are
  not supported on the Ubuntu Touch 14.10 and earlier preview kernels
 jdstrand> linux-lts-saucy no longer receives official support
 jdstrand> linux-lts-quantal no longer receives official support
 sbeattie> third break-fix may get split out into a separate CVE.
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1001.10)
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1003.3)
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
linux-krillin:not-affected
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1027.33)
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1030.33)
Package
Upstream:released (4.9~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
linux-vegetahd:not-affected
More Information

Updated: 2019-08-23 09:11:32 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)