—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco IOS Software for Cisco Catalyst 6800 Series Switches VPLS Denial of Service Vulnerability

Advisory ID: cisco-sa-20170927-vpls

Revision: 1.0

For Public Release: 2017 September 27 16:00 GMT

Last Updated: 2017 September 27 16:00 GMT

CVE ID(s): CVE-2017-12238

CVSS Score v(3): 7.4 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

+———————————————————————

Summary
=======
A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS Software for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service (DoS) condition.

The vulnerability is due to a memory management issue in the affected software. An attacker could exploit this vulnerability by creating a large number of VPLS-generated MAC entries in the MAC address table of an affected device. A successful exploit could allow the attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-vpls [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-vpls”]

This advisory is part of the September 27, 2017, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 13 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2017 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [“https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-63410”].

—–BEGIN PGP SIGNATURE—–

iQKBBAEBAgBrBQJZy818ZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg
SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx
NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHlHQg/8DoTvV3XwAyyaKwIC
Aor2Dsu0qtJvWQOmEzl1j6exss5nV5nnoeGYd6yI6Qe/SsqwU7z9vpckAfiRGbYv
IOgUpg7asEgQcDTR6LZ+x7e2Vyb5KhmrENHfQp95t5eo6Q6zfF0Ruq9xBqiSEggs
WEnkiIZWXITw0dfKLy2a5sHUCCr6mXigifrGHFAUf7aTZzoV99Ti+Fxq8M+/nnXA
sh0Te056ozHBAmDA/zqkH+EC/WrLRe2MstsGKt4qA2BcpizDG5YKuL/jl/PauR7B
3bn3fjegnbSjOdVTWEN3vkofub8oh89qbGQBxeTf7UGcWifRfyOsiza0+lmx9VFA
LnYnO+WnCmUknB5uAg3UBUeKvHHEF/+7i4lvJYISTzMywUbgKf4H5KIN/SBfM67N
6zG9dFchOheMZ/DsClSw22yPlmN+2WDwszybec/QtQOjHajHkA6RgQ1smsGeCevP
oqQYII28iuWDB827f28dqOQc1HTe79vI3InuRL2YU56t+05qLyZTZGKRxteaBJmk
ULiPX/yU7prrcv3ykV+c/3kTLMm9F9duqxUTJMD08uqKihe1Owl2PcTD7u6dSbav
z9fV0vspd5nx49VIHkT99ghk+Hzi25+HIKsGG88yFvTphD3GbjsvrdVv4tX8Ceij
UxwQbuqWUwWDuA1nN6JkBef4O0I=
=zZSV
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com