CVE-2016-8106 - Vulnerability Details

A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.02584.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Intel

IntelÂ® Ethernet Controller X710 family and IntelÂ® Ethernet Controller XL710 family

affected

Version	Status	Constraints
`Before NVM Version 5.05`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:intel:ethernet_controller_x710_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:intel:ethernet_controller_x710-am2_sr1zp:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_x710-am2_sr1zq:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_x710-bm2_sllkb:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_x710-bm2_sllkc:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_xl710-am1_sr1zm:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_xl710-am1_sr1zn:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_xl710-am2_sr1zk:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_xl710-am2_sr1zl:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_xl710-bm1_sllk9:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_xl710-bm1_sllka:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_xl710-bm2_sllk7:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_xl710-bm2_sllk8:-:::::::*

Configuration 2 [-]

AND

cpe:2.3:o:intel:ethernet_controller_xl710_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:intel:eth_converged_ntwk_adptr_x710-da2_ex710da2g1p5:-:::::::*
	cpe:2.3:h:intel:eth_converged_ntwk_adptr_x710-da4_ex710da4fhg1p5:-:::::::*
	cpe:2.3:h:intel:eth_converged_ntwk_adptr_x710-da4_ex710da4g1p5:-:::::::*
	cpe:2.3:h:intel:eth_converged_ntwk_adptr_xl710-qda1_exl710qda1g1p5:-:::::::*
	cpe:2.3:h:intel:eth_converged_ntwk_adptr_xl710-qda2_exl710qda2g1p5:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da2_x710da2:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da2_x710da2blk:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da2_x710da2g2p5:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da4_x710da4fh:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da4_x710da4fhblk:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da4_x710da4fhg2p5:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da4_x710da4g2p5:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda1_xl710qda1:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda1_xl710qda1blk:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda1_xl710qda1g2p5:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda2_xl710qda2:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda2_xl710qda2blk:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda2_xl710qda2g2p5:-:::::::*
	cpe:2.3:h:intel:ethernet_i\/o_module_xl710-qda1_axx1p40frtiom:-:::::::*
	cpe:2.3:h:intel:ethernet_i\/o_module_xl710-qda2_axx2p40frtiom:-:::::::*

Configuration 3 [-]

OR	cpe:2.3:a:hp:ethernet_10gb_2-port_562flr-sfp\+::::::::
	cpe:2.3:a:hp:ethernet_10gb_2-port_562sfp\+::::::::
	cpe:2.3:a:hp:ethernet_10gb_4-port_563sfp\+::::::::
	cpe:2.3:a:hp:proliant_xl260a_g9_server::::::::

Configuration 4 [-]

OR	cpe:2.3:a:lenovo:converged_hx_series:5.05:::::::*
	cpe:2.3:a:lenovo:converged_hx5500_appliance:5.05:::::::*
	cpe:2.3:a:lenovo:converged_hx5510_appliance:5.05:::::::*
	cpe:2.3:a:lenovo:converged_hx7500_appliance:5.05:::::::*
	cpe:2.3:a:lenovo:converged_hx7510_appliance:5.05:::::::*
	cpe:2.3:a:lenovo:nextscale_nx360_m5:5.05:::::::*
	cpe:2.3:a:lenovo:system_x3250_m5:5.05:::::::*
	cpe:2.3:a:lenovo:system_x3500_m5:5.05:::::::*
	cpe:2.3:a:lenovo:system_x3550_m5:5.05:::::::*
	cpe:2.3:a:lenovo:system_x3650_m5:5.05:::::::*
	cpe:2.3:a:lenovo:system_x3750_m4:5.05:::::::*
	cpe:2.3:a:lenovo:system_x3850_x6:5.05:::::::*
	cpe:2.3:a:lenovo:system_x3950_x6:5.05:::::::*
	cpe:2.3:a:lenovo:thinkagile_cx2200:5.05:::::::*
	cpe:2.3:a:lenovo:thinkagile_cx4200:5.05:::::::*
	cpe:2.3:a:lenovo:thinkagile_cx4600:5.05:::::::*
	cpe:2.3:a:lenovo:thinkserver_rd350:5.05:::::::*
	cpe:2.3:a:lenovo:thinkserver_rd450:5.05:::::::*
	cpe:2.3:a:lenovo:thinkserver_rd550:5.05:::::::*
	cpe:2.3:a:lenovo:thinkserver_rd650:5.05:::::::*
	cpe:2.3:a:lenovo:thinkserver_sd350:5.05:::::::*
	cpe:2.3:a:lenovo:thinkserver_td350:5.05:::::::*

No data.

Project Subscriptions

Vendors	Products
Hp Subscribe	Ethernet 10gb 2-port 562flr-sfp\+ Subscribe Ethernet 10gb 2-port 562sfp\+ Subscribe Ethernet 10gb 4-port 563sfp\+ Subscribe Proliant Xl260a G9 Server Subscribe
Intel Subscribe	Eth Converged Ntwk Adptr X710-da2 Ex710da2g1p5 Subscribe Eth Converged Ntwk Adptr X710-da4 Ex710da4fhg1p5 Subscribe Eth Converged Ntwk Adptr X710-da4 Ex710da4g1p5 Subscribe Eth Converged Ntwk Adptr Xl710-qda1 Exl710qda1g1p5 Subscribe Eth Converged Ntwk Adptr Xl710-qda2 Exl710qda2g1p5 Subscribe Ethernet Controller X710-am2 Sr1zp Subscribe Ethernet Controller X710-am2 Sr1zq Subscribe Ethernet Controller X710-bm2 Sllkb Subscribe Ethernet Controller X710-bm2 Sllkc Subscribe Ethernet Controller X710 Firmware Subscribe Ethernet Controller Xl710-am1 Sr1zm Subscribe Ethernet Controller Xl710-am1 Sr1zn Subscribe Ethernet Controller Xl710-am2 Sr1zk Subscribe Ethernet Controller Xl710-am2 Sr1zl Subscribe Ethernet Controller Xl710-bm1 Sllk9 Subscribe Ethernet Controller Xl710-bm1 Sllka Subscribe Ethernet Controller Xl710-bm2 Sllk7 Subscribe Ethernet Controller Xl710-bm2 Sllk8 Subscribe Ethernet Controller Xl710 Firmware Subscribe Ethernet Converged Network Adapter X710-da2 X710da2 Subscribe Ethernet Converged Network Adapter X710-da2 X710da2blk Subscribe Ethernet Converged Network Adapter X710-da2 X710da2g2p5 Subscribe Ethernet Converged Network Adapter X710-da4 X710da4fh Subscribe Ethernet Converged Network Adapter X710-da4 X710da4fhblk Subscribe Ethernet Converged Network Adapter X710-da4 X710da4fhg2p5 Subscribe Ethernet Converged Network Adapter X710-da4 X710da4g2p5 Subscribe Ethernet Converged Network Adapter Xl710-qda1 Xl710qda1 Subscribe Ethernet Converged Network Adapter Xl710-qda1 Xl710qda1blk Subscribe Ethernet Converged Network Adapter Xl710-qda1 Xl710qda1g2p5 Subscribe Ethernet Converged Network Adapter Xl710-qda2 Xl710qda2 Subscribe Ethernet Converged Network Adapter Xl710-qda2 Xl710qda2blk Subscribe Ethernet Converged Network Adapter Xl710-qda2 Xl710qda2g2p5 Subscribe Ethernet I\/o Module Xl710-qda1 Axx1p40frtiom Subscribe Ethernet I\/o Module Xl710-qda2 Axx2p40frtiom Subscribe
Lenovo Subscribe	Converged Hx5500 Appliance Subscribe Converged Hx5510 Appliance Subscribe Converged Hx7500 Appliance Subscribe Converged Hx7510 Appliance Subscribe Converged Hx Series Subscribe Nextscale Nx360 M5 Subscribe System X3250 M5 Subscribe System X3500 M5 Subscribe System X3550 M5 Subscribe System X3650 M5 Subscribe System X3750 M4 Subscribe System X3850 X6 Subscribe System X3950 X6 Subscribe Thinkagile Cx2200 Subscribe Thinkagile Cx4200 Subscribe Thinkagile Cx4600 Subscribe Thinkserver Rd350 Subscribe Thinkserver Rd450 Subscribe Thinkserver Rd550 Subscribe Thinkserver Rd650 Subscribe Thinkserver Sd350 Subscribe Thinkserver Td350 Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2016-8954	A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://www-01.ibm.com/support/docview.wss?uid=swg22002507
http://www.securityfocus.com/bid/95333
http://www.securitytracker.com/id/1037562
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05368378
https://nvd.nist.gov/vuln/detail/CVE-2016-8106
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00063&languageid=en-fr
https://security.netapp.com/advisory/ntap-20190731-0001/
https://support.lenovo.com/us/en/product_security/LEN-12029
https://www.cve.org/CVERecord?id=CVE-2016-8106

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: intel

Published: 2017-01-09T21:00:00

Updated: 2024-08-06T02:13:21.874Z

Reserved: 2016-09-09T00:00:00

Link: CVE-2016-8106

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2017-01-09T21:59:00.160

Modified: 2025-04-20T01:37:25.860

Link: CVE-2016-8106

Redhat

Severity : Moderate

Publid Date: 2017-01-09T00:00:00Z

Links: CVE-2016-8106 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-20

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object