CVE-2016-8105 - OpenCVE

Drivers for the Intel Ethernet Controller X710 and Intel Ethernet Controller XL710 families before version 22.0 are vulnerable to a denial of service in certain layer 2 network configurations.

No CVSS v3.1

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:A/AC:L/Au:N/C:N/I:N/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Intel	Xl710 Series Driver X710-am2 Controller Xl710-bm2 Controller Xl710-am1 Controller X710-bm2 Controller X710 Series Driver Xl710-am2 Controller Xl710-bm1 Controller

Configuration 1 [-]

AND

OR	cpe:2.3:a:intel:x710_series_driver::::::::
	cpe:2.3:a:intel:xl710_series_driver::::::::

OR	cpe:2.3:h:intel:x710-am2_controller:-:::::::*
	cpe:2.3:h:intel:x710-bm2_controller:-:::::::*
	cpe:2.3:h:intel:xl710-am1_controller:-:::::::*
	cpe:2.3:h:intel:xl710-am2_controller:-:::::::*
	cpe:2.3:h:intel:xl710-bm1_controller:-:::::::*
	cpe:2.3:h:intel:xl710-bm2_controller:-:::::::*

References

Link	Resource
http://www.securityfocus.com/bid/96474
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00069&languageid=en-fr

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: intel

Published: 2017-02-27T18:00:00

Updated: 2017-03-01T10:57:01

Reserved: 2016-09-09T00:00:00

Link: CVE-2016-8105

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-02-27T18:59:00.177

Modified: 2017-03-02T16:17:28.083

Link: CVE-2016-8105

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "Intel Ethernet Controller X710 family and Intel Ethernet Controller XL710 family", "vendor": "Intel", "versions": [{"status": "affected", "version": "Before 22.0"}]}], "datePublic": "2017-02-27T00:00:00", "descriptions": [{"lang": "en", "value": "Drivers for the Intel Ethernet Controller X710 and Intel Ethernet Controller XL710 families before version 22.0 are vulnerable to a denial of service in certain layer 2 network configurations."}], "problemTypes": [{"descriptions": [{"description": "Denial of Service", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-03-01T10:57:01", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel"}, "references": [{"name": "96474", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/96474"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00069&languageid=en-fr"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@intel.com", "ID": "CVE-2016-8105", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Intel Ethernet Controller X710 family and Intel Ethernet Controller XL710 family", "version": {"version_data": [{"version_value": "Before 22.0"}]}}]}, "vendor_name": "Intel"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Drivers for the Intel Ethernet Controller X710 and Intel Ethernet Controller XL710 families before version 22.0 are vulnerable to a denial of service in certain layer 2 network configurations."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of Service"}]}]}, "references": {"reference_data": [{"name": "96474", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96474"}, {"name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00069&languageid=en-fr", "refsource": "CONFIRM", "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00069&languageid=en-fr"}]}}}}, "cveMetadata": {"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2016-8105", "datePublished": "2017-02-27T18:00:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2017-03-01T10:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:intel:x710_series_driver:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A973AA2-0B45-49FA-9DE1-204E8620F360", "versionEndIncluding": "21.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:intel:xl710_series_driver:*:*:*:*:*:*:*:*", "matchCriteriaId": "43551937-E245-4FEE-B322-63A13938F397", "versionEndIncluding": "21.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:x710-am2_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC979C3F-3D1C-43D6-A236-E8BD49EE8843", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:x710-bm2_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2F1DE4E-CC42-4988-B8F2-D5E9C696E214", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xl710-am1_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "AC7160B9-F0B1-4CAF-926E-185F5575522C", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xl710-am2_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B70EC91-9B74-4B3F-9EBD-D4A63DAE1B6B", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xl710-bm1_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "8FBC085F-635B-4162-8559-3950F54A98F0", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xl710-bm2_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "E12096C6-3339-43AC-87D2-28836FA39656", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Drivers for the Intel Ethernet Controller X710 and Intel Ethernet Controller XL710 families before version 22.0 are vulnerable to a denial of service in certain layer 2 network configurations."}, {"lang": "es", "value": "\"Controladores para las familias Intel Ethernet Controller X710 e Intel Ethernet Controller XL710 con versiones anteriores a 22.0 son vulnerables a una denegaci\u00f3n de servicio en determinadas configuraciones de red de la capa 2.\""}], "id": "CVE-2016-8105", "lastModified": "2017-03-02T16:17:28.083", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-02-27T18:59:00.177", "references": [{"source": "secure@intel.com", "url": "http://www.securityfocus.com/bid/96474"}, {"source": "secure@intel.com", "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00069&languageid=en-fr"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}