—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco NX-OS Software Pong Packet Denial of Service Vulnerability

Advisory ID: cisco-sa-20180117-nx-os

Revision: 1.0

For Public Release: 2018 January 17 16:00 GMT

Last Updated: 2018 January 17 16:00 GMT

CVE ID(s): CVE-2018-0102

CVSS Score v(3): 7.4 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

+———————————————————————

Summary
=======
A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.

The vulnerability exists because the affected software attempts to free the same area of memory twice. An attacker could exploit this vulnerability by sending a pong request to an affected device from a location on the network that causes the pong reply packet to egress both a FabricPath port and a non-FabricPath port. An exploit could allow the attacker to cause a dual or quad supervisor virtual port-channel (vPC) to reload.

Note: This vulnerability is exploitable only when all of the following are true:

The Pong tool is enabled on an affected device. The Pong tool is disabled in NX-OS by default.
The FabricPath feature is enabled on an affected device. The FabricPath feature is disabled in NX-OS by default.
A FabricPath port is actively monitored via a Switched Port Analyzer (SPAN) session. SPAN sessions are not configured or enabled in NX-OS by default.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nx-os [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nx-os”]

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJaX3RKXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfczSusQAJ7bsLDKdGrfJjsKzy115mri4iRr
MZxBrrqhTorGKmifzpwlIwkpkficuETYpb1JcbssiQ3KO9OCZEiN6+agIaDUrZRZ
QWkC/K5hrnmO+iAcMMkW2Pv/NssBE6ag6vhFNMkZQcP9OkRaZZPmgSWzvJd4czpv
dakYg1hllpR8I1+Uy/wH+a6t6Z4xc8aQIcTTWxg2Zb559epbRqjV4iXQ3gpEaz+W
Qw+1H3bit/kHz52FsKarUOZwJcHchrLCLL63VKxUcLD8F6MXzS2gG+qgoZLs0Nxz
7tifaUAZvVIzb58jzMWK/dHkW3dnjGOfK31VEHfe1bFlJdWvyUDQmJvMuoqL5ODO
f4EFVs/cZMpxuzBbO8iH0anYRtf9UNN1ozvJ/znB5TPuHI/SQFKEIIJvuCw1rtit
7zFUUrT2iv5JbRUCLDTjxhmXgzCS6NJeZlunjetIKQPm+9to4bHEkdFp2w3hLdbN
8t1d8O2XrhnpWJUOSTYMkB2qehBV3ir23QCTkBf5bVDrzpTPaOC1rnGwbQfYJwPf
5xTlR/f3qrwr1izUlP86xSJvOWqIcBUNXwoV/UczoxEsY3LbJC5CbOSkcE8fizxp
qb/FBRQjarO9xticzJFyIJJhyPlF8ceHPgIdes2WvtxDBTpO19qvPQ8BoGcSK5Up
D/TD9ZhQsmIb01cs
=Fvcv
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com