CVE-2016-0281

moderate-risk
Published 2016-08-08

The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter crash) via crafted packets.

Do I need to act?

~
3.6% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
3
CVSS 3.7/10 Low
NETWORK / HIGH complexity

Affected Products (20)

Aix
Aix
Aix
Aix

Affected Vendors

Ibm

References (16)

Vendor Advisory http://aix.software.ibm.com/aix/efixes/security/mustendd_advisory.asc
Broken Link http://www-01.ibm.com/support/docview.wss?uid=swg1IV80569
Broken Link http://www-01.ibm.com/support/docview.wss?uid=swg1IV81357
Broken Link http://www-01.ibm.com/support/docview.wss?uid=swg1IV81459
Broken Link http://www-01.ibm.com/support/docview.wss?uid=swg1IV82421
Broken Link http://www-01.ibm.com/support/docview.wss?uid=swg1IV84184
http://www.securityfocus.com/bid/92193
http://www.securitytracker.com/id/1036481
Vendor Advisory http://aix.software.ibm.com/aix/efixes/security/mustendd_advisory.asc
Broken Link http://www-01.ibm.com/support/docview.wss?uid=swg1IV80569
Broken Link http://www-01.ibm.com/support/docview.wss?uid=swg1IV81357
Broken Link http://www-01.ibm.com/support/docview.wss?uid=swg1IV81459
Broken Link http://www-01.ibm.com/support/docview.wss?uid=swg1IV82421
Broken Link http://www-01.ibm.com/support/docview.wss?uid=swg1IV84184
http://www.securityfocus.com/bid/92193
http://www.securitytracker.com/id/1036481
42
/ 100
moderate-risk
Severity 13/34 · Low
Exploitability 7/34 · Low
Exposure 22/34 · High