PatchSiren

PatchSiren cyber security CVE debrief

CVE-2016-8105 Intel CVE debrief

CVE-2016-8105 describes a denial-of-service issue in Intel Ethernet Controller X710 and XL710 family drivers when deployed in certain layer 2 network configurations. The issue is publicly documented by Intel and NVD, with the CVSS vector indicating an adjacent-network attack that affects availability only. For defenders, the main concern is service disruption on systems using the affected Intel drivers rather than data exposure or code execution.

Vendor
Intel
Product
CVE-2016-8105
CVSS
MEDIUM 6.5
CISA KEV
Not listed in stored evidence
Original CVE published
2017-02-27
Original CVE updated
2026-05-13
Advisory published
2017-02-27
Advisory updated
2026-05-13

Who should care

Organizations running systems with Intel X710 or XL710 series Ethernet controller drivers, especially where layer 2 network configurations are in use. Network, server, and platform teams responsible for driver lifecycle management, firmware/driver baselines, and availability-sensitive infrastructure should prioritize review.

Technical summary

The NVD record maps the vulnerable software to Intel x710_series_driver and xl710_series_driver. The published description states that drivers for the Intel Ethernet Controller X710 and Intel Ethernet Controller XL710 families before version 22.0 are vulnerable to denial of service in certain layer 2 network configurations. NVD also lists vulnerable version criteria through 21.3 for the driver CPEs. The CVSS 3.0 vector is AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, indicating a network-adjacent attack path with high availability impact and no confidentiality or integrity impact.

Defensive priority

Medium

Recommended defensive actions

  • Inventory hosts using Intel X710 or XL710 series drivers and confirm the installed driver version.
  • Compare deployed versions against Intel's advisory and the NVD affected CPE criteria before planning remediation.
  • Upgrade to a non-vulnerable Intel driver release referenced by the vendor advisory.
  • Validate whether any layer 2 network configurations in your environment match the affected conditions described by the CVE.
  • Where immediate patching is not possible, reduce exposure of affected systems to untrusted adjacent नेटवर्क segments and monitor for availability anomalies.

Evidence notes

Source material from NVD and Intel states the issue affects Intel X710 and XL710 driver families and links it to denial of service in certain layer 2 network configurations. The CVSS vector supplied by NVD is AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. A version-range nuance exists in the corpus: the prose description says 'before version 22.0,' while NVD CPE criteria enumerate vulnerable driver versions ending at 21.3. This debrief preserves both facts without choosing between them.

Official resources

Publicly disclosed on 2017-02-27, with the NVD record later modified on 2026-05-13. The CVE issue date should be treated as the 2017 publication date, not the later modification timestamp.