CVE-2016-8105 : Drivers for the Intel Ethernet Controller X710 and Intel Ethernet Controller XL7

Drivers for the Intel Ethernet Controller X710 and Intel Ethernet Controller XL710 families before version 22.0 are vulnerable to a denial of service in certain layer 2 network configurations.

Published 2017-02-27 18:59:00

Updated 2017-03-02 16:17:28

Source Intel Corporation

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2016-8105

Intel » X710 Series Driver
Versions up to, including, (<=) 21.3
cpe:2.3:a:intel:x710_series_driver:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » X710-am2 Controller » Version: N/A
When used together with: Intel » X710-bm2 Controller » Version: N/A
When used together with: Intel » Xl710-am1 Controller » Version: N/A
When used together with: Intel » Xl710-am2 Controller » Version: N/A
When used together with: Intel » Xl710-bm1 Controller » Version: N/A
When used together with: Intel » Xl710-bm2 Controller » Version: N/A
Intel » Xl710 Series Driver
Versions up to, including, (<=) 21.3
cpe:2.3:a:intel:xl710_series_driver:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » X710-am2 Controller » Version: N/A
When used together with: Intel » X710-bm2 Controller » Version: N/A
When used together with: Intel » Xl710-am1 Controller » Version: N/A
When used together with: Intel » Xl710-am2 Controller » Version: N/A
When used together with: Intel » Xl710-bm1 Controller » Version: N/A
When used together with: Intel » Xl710-bm2 Controller » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2016-8105

EPSS FAQ

0.08%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 22 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-8105

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.1	MEDIUM	AV:A/AC:L/Au:N/C:N/I:N/A:C	6.5	6.9	NIST
Access Vector: Adjacent Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete
6.5	MEDIUM	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	2.8	3.6	NIST
Attack Vector: Adjacent Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

References for CVE-2016-8105

http://www.securityfocus.com/bid/96474

Multiple Intel Ethernet Controller CVE-2016-8105 Denial of Service Vulnerability
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00069&languageid=en-fr

INTEL-SA-00069

Jump to

Vulnerability Details : CVE-2016-8105

Products affected by CVE-2016-8105

Exploit prediction scoring system (EPSS) score for CVE-2016-8105

CVSS scores for CVE-2016-8105

References for CVE-2016-8105