{"id":"CVE-2016-9755","details":"The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service (integer overflow, out-of-bounds write, and GPF) or possibly have unspecified other impact via a crafted application that makes socket, connect, and writev system calls, related to net/ipv6/netfilter/nf_conntrack_reasm.c and net/ipv6/netfilter/nf_defrag_ipv6_hooks.c.","modified":"2026-03-15T22:23:14.510539Z","published":"2016-12-28T07:59:00.430Z","references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/94626"},{"type":"WEB","url":"https://groups.google.com/forum/#%21topic/syzkaller/GFbGpX7nTEo"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1400904"},{"type":"FIX","url":"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b57da0630c9fd36ed7a20fc0f98dc82cc0777fa"},{"type":"FIX","url":"https://github.com/torvalds/linux/commit/9b57da0630c9fd36ed7a20fc0f98dc82cc0777fa"},{"type":"FIX","url":"https://www.spinics.net/lists/netdev/msg407525.html"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2016/12/01/10"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"4.8.15"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9755.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}