High severity7.5NVD Advisory· Published Oct 16, 2016· Updated May 6, 2026

CVE-2016-8666

Description

The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/nvd
rhn.redhat.com/errata/RHSA-2016-2047.htmlnvd
rhn.redhat.com/errata/RHSA-2016-2107.htmlnvd
rhn.redhat.com/errata/RHSA-2016-2110.htmlnvd
rhn.redhat.com/errata/RHSA-2017-0004.htmlnvd
www.openwall.com/lists/oss-security/2016/10/13/11nvd
www.securityfocus.com/bid/93562nvd
access.redhat.com/errata/RHSA-2017:0372nvd
bto.bluecoat.com/security-advisory/sa134nvd
bugzilla.redhat.com/show_bug.cginvd
bugzilla.suse.com/show_bug.cginvd
github.com/torvalds/linux/commit/fac8e0f579695a3ecbc4d3cac369139d7f819971nvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000