CVE-2016-7153

Publication date 6 September 2016

Last updated 25 August 2025

Ubuntu priority

Low

Why this priority?

Cvss 3 Severity Score

5.3 · Medium

Score breakdown

The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.

Read the notes from the security team

Status

Package Ubuntu Release Status
chromium-browser 17.04 zesty Ignored
16.10 yakkety Ignored end of life
16.04 LTS xenial Ignored
14.04 LTS trusty Not in release
12.04 LTS precise Ignored
firefox 17.04 zesty Ignored
16.10 yakkety Ignored end of life
16.04 LTS xenial Ignored
14.04 LTS trusty Not in release
12.04 LTS precise Ignored end of life
oxide-qt 17.04 zesty Ignored
16.10 yakkety Ignored end of life
16.04 LTS xenial Ignored
14.04 LTS trusty Not in release
12.04 LTS precise Not in release
thunderbird 17.04 zesty Ignored
16.10 yakkety Ignored end of life
16.04 LTS xenial Ignored
14.04 LTS trusty Not in release
12.04 LTS precise Ignored end of life

Notes

seth-arnold

NVD had this CVE assigned to multiple browers as of 2016-09-12. This CVE appears to cover a wide variety of browser side channels demonstrating the time difference between first byte and last byte in a response. This can be used both for compression-based determinations of exact strings from requests that are reflected in responses as well as uncompressed responses from sites that have disabled compression to mitigate BEAST or CRIME. The paper authors recommend users disable third-party cookies in their browsers, with the caveat that many services will break.

mdeslaur

We have no actionable item to fix this CVE. Since we release new firefox, thunderbird and chromium upstream releases, I'm marking this as ignored.

Severity score breakdown

Parameter Value
Base score 5.3 · Medium
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Scope Unchanged
Confidentiality Low
Integrity impact None
Availability impact None
Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N