CVE-2016-8106 - Vulnerability Details

Description

A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.

Published: 2017-01-09

Score: 5.9 Medium

EPSS: 2.6% Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Intel

IntelÂ® Ethernet Controller X710 family and IntelÂ® Ethernet Controller XL710 family

affected

Version	Status	Constraints
`Before NVM Version 5.05`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:intel:ethernet_controller_x710_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:intel:ethernet_controller_x710-am2_sr1zp:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_x710-am2_sr1zq:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_x710-bm2_sllkb:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_x710-bm2_sllkc:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_xl710-am1_sr1zm:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_xl710-am1_sr1zn:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_xl710-am2_sr1zk:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_xl710-am2_sr1zl:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_xl710-bm1_sllk9:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_xl710-bm1_sllka:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_xl710-bm2_sllk7:-:::::::*
	cpe:2.3:h:intel:ethernet_controller_xl710-bm2_sllk8:-:::::::*

Configuration 2 [-]

AND

cpe:2.3:o:intel:ethernet_controller_xl710_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:intel:eth_converged_ntwk_adptr_x710-da2_ex710da2g1p5:-:::::::*
	cpe:2.3:h:intel:eth_converged_ntwk_adptr_x710-da4_ex710da4fhg1p5:-:::::::*
	cpe:2.3:h:intel:eth_converged_ntwk_adptr_x710-da4_ex710da4g1p5:-:::::::*
	cpe:2.3:h:intel:eth_converged_ntwk_adptr_xl710-qda1_exl710qda1g1p5:-:::::::*
	cpe:2.3:h:intel:eth_converged_ntwk_adptr_xl710-qda2_exl710qda2g1p5:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da2_x710da2:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da2_x710da2blk:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da2_x710da2g2p5:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da4_x710da4fh:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da4_x710da4fhblk:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da4_x710da4fhg2p5:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da4_x710da4g2p5:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda1_xl710qda1:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda1_xl710qda1blk:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda1_xl710qda1g2p5:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda2_xl710qda2:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda2_xl710qda2blk:-:::::::*
	cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda2_xl710qda2g2p5:-:::::::*
	cpe:2.3:h:intel:ethernet_i\/o_module_xl710-qda1_axx1p40frtiom:-:::::::*
	cpe:2.3:h:intel:ethernet_i\/o_module_xl710-qda2_axx2p40frtiom:-:::::::*

Configuration 3 [-]

OR	cpe:2.3:a:hp:ethernet_10gb_2-port_562flr-sfp\+::::::::
	cpe:2.3:a:hp:ethernet_10gb_2-port_562sfp\+::::::::
	cpe:2.3:a:hp:ethernet_10gb_4-port_563sfp\+::::::::
	cpe:2.3:a:hp:proliant_xl260a_g9_server::::::::

Configuration 4 [-]

OR	cpe:2.3:a:lenovo:converged_hx_series:5.05:::::::*
	cpe:2.3:a:lenovo:converged_hx5500_appliance:5.05:::::::*
	cpe:2.3:a:lenovo:converged_hx5510_appliance:5.05:::::::*
	cpe:2.3:a:lenovo:converged_hx7500_appliance:5.05:::::::*
	cpe:2.3:a:lenovo:converged_hx7510_appliance:5.05:::::::*
	cpe:2.3:a:lenovo:nextscale_nx360_m5:5.05:::::::*
	cpe:2.3:a:lenovo:system_x3250_m5:5.05:::::::*
	cpe:2.3:a:lenovo:system_x3500_m5:5.05:::::::*
	cpe:2.3:a:lenovo:system_x3550_m5:5.05:::::::*
	cpe:2.3:a:lenovo:system_x3650_m5:5.05:::::::*
	cpe:2.3:a:lenovo:system_x3750_m4:5.05:::::::*
	cpe:2.3:a:lenovo:system_x3850_x6:5.05:::::::*
	cpe:2.3:a:lenovo:system_x3950_x6:5.05:::::::*
	cpe:2.3:a:lenovo:thinkagile_cx2200:5.05:::::::*
	cpe:2.3:a:lenovo:thinkagile_cx4200:5.05:::::::*
	cpe:2.3:a:lenovo:thinkagile_cx4600:5.05:::::::*
	cpe:2.3:a:lenovo:thinkserver_rd350:5.05:::::::*
	cpe:2.3:a:lenovo:thinkserver_rd450:5.05:::::::*
	cpe:2.3:a:lenovo:thinkserver_rd550:5.05:::::::*
	cpe:2.3:a:lenovo:thinkserver_rd650:5.05:::::::*
	cpe:2.3:a:lenovo:thinkserver_sd350:5.05:::::::*
	cpe:2.3:a:lenovo:thinkserver_td350:5.05:::::::*

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2016-8954	A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.02584.

Key SSVC decision points have not yet been added.

References

Link	Providers
http://www-01.ibm.com/support/docview.wss?uid=swg22002507
http://www.securityfocus.com/bid/95333
http://www.securitytracker.com/id/1037562
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05368378
https://nvd.nist.gov/vuln/detail/CVE-2016-8106
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00063&languageid=en-fr
https://security.netapp.com/advisory/ntap-20190731-0001/
https://support.lenovo.com/us/en/product_security/LEN-12029
https://www.cve.org/CVERecord?id=CVE-2016-8106

History

No history.

Subscriptions

Hp Ethernet 10gb 2-port 562flr-sfp\+ Ethernet 10gb 2-port 562sfp\+ Ethernet 10gb 4-port 563sfp\+ Proliant Xl260a G9 Server

Intel Eth Converged Ntwk Adptr X710-da2 Ex710da2g1p5 Eth Converged Ntwk Adptr X710-da4 Ex710da4fhg1p5 Eth Converged Ntwk Adptr X710-da4 Ex710da4g1p5 Eth Converged Ntwk Adptr Xl710-qda1 Exl710qda1g1p5 Eth Converged Ntwk Adptr Xl710-qda2 Exl710qda2g1p5 Ethernet Controller X710-am2 Sr1zp Ethernet Controller X710-am2 Sr1zq Ethernet Controller X710-bm2 Sllkb Ethernet Controller X710-bm2 Sllkc Ethernet Controller X710 Firmware Ethernet Controller Xl710-am1 Sr1zm Ethernet Controller Xl710-am1 Sr1zn Ethernet Controller Xl710-am2 Sr1zk Ethernet Controller Xl710-am2 Sr1zl Ethernet Controller Xl710-bm1 Sllk9 Ethernet Controller Xl710-bm1 Sllka Ethernet Controller Xl710-bm2 Sllk7 Ethernet Controller Xl710-bm2 Sllk8 Ethernet Controller Xl710 Firmware Ethernet Converged Network Adapter X710-da2 X710da2 Ethernet Converged Network Adapter X710-da2 X710da2blk Ethernet Converged Network Adapter X710-da2 X710da2g2p5 Ethernet Converged Network Adapter X710-da4 X710da4fh Ethernet Converged Network Adapter X710-da4 X710da4fhblk Ethernet Converged Network Adapter X710-da4 X710da4fhg2p5 Ethernet Converged Network Adapter X710-da4 X710da4g2p5 Ethernet Converged Network Adapter Xl710-qda1 Xl710qda1 Ethernet Converged Network Adapter Xl710-qda1 Xl710qda1blk Ethernet Converged Network Adapter Xl710-qda1 Xl710qda1g2p5 Ethernet Converged Network Adapter Xl710-qda2 Xl710qda2 Ethernet Converged Network Adapter Xl710-qda2 Xl710qda2blk Ethernet Converged Network Adapter Xl710-qda2 Xl710qda2g2p5 Ethernet I\/o Module Xl710-qda1 Axx1p40frtiom Ethernet I\/o Module Xl710-qda2 Axx2p40frtiom

Lenovo Converged Hx5500 Appliance Converged Hx5510 Appliance Converged Hx7500 Appliance Converged Hx7510 Appliance Converged Hx Series Nextscale Nx360 M5 System X3250 M5 System X3500 M5 System X3550 M5 System X3650 M5 System X3750 M4 System X3850 X6 System X3950 X6 Thinkagile Cx2200 Thinkagile Cx4200 Thinkagile Cx4600 Thinkserver Rd350 Thinkserver Rd450 Thinkserver Rd550 Thinkserver Rd650 Thinkserver Sd350 Thinkserver Td350

MITRE

Status: PUBLISHED

Assigner: intel

Published: 2017-01-09T21:00:00.000Z

Updated: 2024-08-06T02:13:21.874Z

Reserved: 2016-09-09T00:00:00.000Z

Link: CVE-2016-8106

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2017-01-09T21:59:00.160

Modified: 2025-04-20T01:37:25.860

Link: CVE-2016-8106

Redhat

Severity : Moderate

Publid Date: 2017-01-09T00:00:00Z

Links: CVE-2016-8106 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-20

Tracking

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object