CVE-2016-9919 log

Severity High
Remote Yes
Type Denial of service
The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet.
Group Package Affected Fixed Severity Status Ticket
AVG-104 linux-lts 4.4.36-1 4.4.37-1 High Not affected
AVG-103 linux-grsec 1:4.8.12.r201612062306-1 1:4.8.12.r201612062306-2 High Fixed
AVG-102 linux-zen 4.8.12-2 4.8.13-1 High Fixed
AVG-101 linux 4.8.12-2 4.8.12-3 High Fixed
Date Advisory Group Package Severity Type
12 Dec 2016 ASA-201612-14 AVG-102 linux-zen High denial of service
10 Dec 2016 ASA-201612-11 AVG-103 linux-grsec High denial of service
10 Dec 2016 ASA-201612-10 AVG-101 linux High denial of service
The issue was introduced in 4.8.10 by 5d41ce29e ("net: icmp6_send should use dst dev to determine L3 domain") and fixed in trunk by 79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2 ("net: handle no dst on skb in icmp6_send").