An update for kernel is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
The kernel packages contain the Linux kernel, the core of any Linux operating
* Linux kernel built with the 802.1Q/802.1ad VLAN(CONFIG_VLAN_8021Q) OR Virtual
eXtensible Local Area Network(CONFIG_VXLAN) with Transparent Ethernet
Bridging(TEB) GRO support, is vulnerable to a stack overflow issue. It could
occur while receiving large packets via GRO path as an unlimited recursion could
unfold in both VLAN and TEB modules leading to a stack corruption in the kernel.
1375944 – CVE-2016-7039 kernel: remotely triggerable unbounded recursion in the vlan gro code leading to a kernel crash