CVE-2016-8106: Input Validation
First published: Mon Jan 09 2017(Updated: )
A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Ethernet Controller x710-AM2 SR1ZQ | <=5.04 | |
| Intel Ethernet Controller x710-am2 firmware | ||
| Intel XL710-AM2 Controller | ||
| Intel Ethernet Controller x710-bm2 | ||
| Intel Ethernet Controller x710-bm2 | ||
| Intel Ethernet Controller xl710-am1 sr1zm | ||
| Intel Ethernet Controller XL710 | ||
| Intel Ethernet Controller XL710 | ||
| Intel Ethernet Controller XL710 | ||
| Intel Ethernet Controller XL710-BM1 | ||
| Intel Ethernet Controller XL710-BM1 | ||
| Intel Ethernet Controller x710-bm2 | ||
| Intel Ethernet Controller XL710-BM2 | ||
| Intel Ethernet Controller XL710 | <=5.04 | |
| Intel Ethernet Converged Network Adapter X710-DA2 | ||
| Intel Ethernet Converged Network Adapter X710-DA4 | ||
| Intel Ethernet Converged Network Adapter X710-DA4 | ||
| Intel Ethernet Converged Network Adapter XL710 | ||
| Intel Ethernet Converged Network Adapter XL710-QDA2 | ||
| Intel Ethernet Converged Network Adapter X710-DA2 | ||
| Intel Ethernet Converged Network Adapter X710-DA2 | ||
| Intel Ethernet Converged Network Adapter X710-DA2 | ||
| Intel Ethernet Converged Network Adapter X710-DA4 | ||
| Intel Ethernet Converged Network Adapter X710-DA4 | ||
| Intel Ethernet Converged Network Adapter X710-DA4 | ||
| Intel Ethernet Converged Network Adapter X710-DA4 | ||
| Intel Ethernet I/O Module XL710-QDA1 AXx1P40FRtiom | ||
| Intel Ethernet I/O Module XL710-QDA1 AXx1P40FRtiom | ||
| Intel Ethernet I/O Module XL710-QDA1 AXx1P40FRtiom | ||
| Intel Ethernet Converged Network Adapter XL710-QDA2 | ||
| Intel Ethernet Converged Network Adapter XL710-QDA2 | ||
| Intel Ethernet Converged Network Adapter XL710-QDA2 | ||
| Intel Ethernet I/O Module XL710-QDA1 AXx1P40FRtiom | ||
| Intel Ethernet I/O Module XL710-QDA2 | ||
| HP Ethernet 10GB 2-Port 562FLR-SFP+ | ||
| HP Ethernet 10Gb 2-Port 562SFP+ | ||
| hp Ethernet 10gb 4-port 563sfp+ | ||
| HP ProLiant XL260a Gen9 Server | ||
| Lenovo Converged HX Series | =5.05 | |
| Lenovo Converged HX5500 Appliance | =5.05 | |
| Lenovo Converged HX5510 Appliance | =5.05 | |
| Lenovo Converged HX7500 Appliance | =5.05 | |
| Lenovo Converged HX7510 Appliance | =5.05 | |
| Lenovo NextScale NX360 M5 | =5.05 | |
| Lenovo System X3250 M5 | =5.05 | |
| Lenovo System X3500 M5 | =5.05 | |
| Lenovo System X3550 M5 | =5.05 | |
| Lenovo System x3650 M5 | =5.05 | |
| Lenovo System X3750 M4 | =5.05 | |
| Lenovo System X3850 X6 | =5.05 | |
| Lenovo System X3950 X6 Firmware | =5.05 | |
| Lenovo ThinkAgile CX2200 | =5.05 | |
| Lenovo ThinkAgile CX4200 | =5.05 | |
| Lenovo ThinkAgile CX4600 | =5.05 | |
| Lenovo ThinkServer RD350 | =5.05 | |
| Lenovo ThinkServer RD450 | =5.05 | |
| Lenovo ThinkServer RD550 | =5.05 | |
| Lenovo ThinkServer RD650 | =5.05 | |
| Lenovo ThinkServer SD350 | =5.05 | |
| Lenovo ThinkServer TD350 | =5.05 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www-01.ibm.com/support/docview.wss?uid=swg22002507
- http://www.securityfocus.com/bid/95333
- http://www.securitytracker.com/id/1037562
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05368378
- https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00063&languageid=en-fr
- https://security.netapp.com/advisory/ntap-20190731-0001/
- https://support.lenovo.com/us/en/product_security/LEN-12029
Frequently Asked Questions
What is the severity of CVE-2016-8106?
CVE-2016-8106 is classified as a Denial of Service vulnerability which may have a significant impact on affected systems.
How do I fix CVE-2016-8106?
To remediate CVE-2016-8106, update the Intel Ethernet Controller's firmware to version 5.05 or later.
What products are affected by CVE-2016-8106?
CVE-2016-8106 affects Intel Ethernet Controllers X710 and XL710 with firmware versions prior to 5.05.
Can CVE-2016-8106 be exploited remotely?
Yes, CVE-2016-8106 can be exploited remotely under specific network conditions.
What impact does CVE-2016-8106 have on network traffic?
CVE-2016-8106 can prevent the affected Intel Ethernet Controller from processing network traffic, leading to service disruptions.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/intel
- canonical/intel ethernet controller x710-am2 sr1zq
- version/intel ethernet controller x710-am2 sr1zq/5.04
- canonical/intel ethernet controller x710-am2 firmware
- canonical/intel xl710-am2 controller
- canonical/intel ethernet controller x710-bm2
- canonical/intel ethernet controller xl710-am1 sr1zm
- canonical/intel ethernet controller xl710
- canonical/intel ethernet controller xl710-bm1
- canonical/intel ethernet controller xl710-bm2
- version/intel ethernet controller xl710/5.04
- canonical/intel ethernet converged network adapter x710-da2
- canonical/intel ethernet converged network adapter x710-da4
- canonical/intel ethernet converged network adapter xl710
- canonical/intel ethernet converged network adapter xl710-qda2
- canonical/intel ethernet i/o module xl710-qda1 axx1p40frtiom
- canonical/intel ethernet i/o module xl710-qda2
- vendor/hp
- canonical/hp ethernet 10gb 2-port 562flr-sfp+
- canonical/hp ethernet 10gb 2-port 562sfp+
- canonical/hp ethernet 10gb 4-port 563sfp+
- canonical/hp proliant xl260a gen9 server
- vendor/lenovo
- canonical/lenovo converged hx series
- version/lenovo converged hx series/5.05
- canonical/lenovo converged hx5500 appliance
- version/lenovo converged hx5500 appliance/5.05
- canonical/lenovo converged hx5510 appliance
- version/lenovo converged hx5510 appliance/5.05
- canonical/lenovo converged hx7500 appliance
- version/lenovo converged hx7500 appliance/5.05
- canonical/lenovo converged hx7510 appliance
- version/lenovo converged hx7510 appliance/5.05
- canonical/lenovo nextscale nx360 m5
- version/lenovo nextscale nx360 m5/5.05
- canonical/lenovo system x3250 m5
- version/lenovo system x3250 m5/5.05
- canonical/lenovo system x3500 m5
- version/lenovo system x3500 m5/5.05
- canonical/lenovo system x3550 m5
- version/lenovo system x3550 m5/5.05
- canonical/lenovo system x3650 m5
- version/lenovo system x3650 m5/5.05
- canonical/lenovo system x3750 m4
- version/lenovo system x3750 m4/5.05
- canonical/lenovo system x3850 x6
- version/lenovo system x3850 x6/5.05
- canonical/lenovo system x3950 x6 firmware
- version/lenovo system x3950 x6 firmware/5.05
- canonical/lenovo thinkagile cx2200
- version/lenovo thinkagile cx2200/5.05
- canonical/lenovo thinkagile cx4200
- version/lenovo thinkagile cx4200/5.05
- canonical/lenovo thinkagile cx4600
- version/lenovo thinkagile cx4600/5.05
- canonical/lenovo thinkserver rd350
- version/lenovo thinkserver rd350/5.05
- canonical/lenovo thinkserver rd450
- version/lenovo thinkserver rd450/5.05
- canonical/lenovo thinkserver rd550
- version/lenovo thinkserver rd550/5.05
- canonical/lenovo thinkserver rd650
- version/lenovo thinkserver rd650/5.05
- canonical/lenovo thinkserver sd350
- version/lenovo thinkserver sd350/5.05
- canonical/lenovo thinkserver td350
- version/lenovo thinkserver td350/5.05