—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco Firepower 2100 Series Security Appliances IP Fragmentation Denial of Service Vulnerability

Advisory ID: cisco-sa-20180418-fp2100

Revision: 1.0

For Public Release: 2018 April 18 16:00 GMT

Last Updated: 2018 April 18 16:00 GMT

CVE ID(s): CVE-2018-0230

CVSS Score v(3): 8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

+———————————————————————

Summary

=======

A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition.

The vulnerability is due to the affected software improperly validating IP Version 4 (IPv4) and IP Version 6 (IPv6) packets after the software reassembles the packets. An attacker could exploit this vulnerability by sending a series of malicious, fragmented IPv4 or IPv6 packets to an affected device. A successful exploit could allow the attacker to cause Snort processes on the affected device to hang at 100% CPU utilization, which could cause the device to stop processing traffic and result in a DoS condition until the device is reloaded manually.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100”]

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJa128CXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfcz3HwP/1/kABr+k7O3mkVgOc9DSe87e5Ou
lXfSgEO/d5t1udJhB+Ly0t6QzWkyxH71DqNnZsvZUx+yF62/teWm9sdShLWbkNe7
TOY2sVgUzACmNDCkuAQQA3Dk1468RAqBBaSxdN0/YCDwwCoucSAT62w6QZnJFYLG
PufXb3ElLQpe+u0nacCS65pqh1mcsYnFwodeKll6bfl2iXslsrZqJw24iXtYQstr
TdJRCp4pEBY13TBbORR2lw23cog194oeBjJ0Za2yBb3MSnmMqHC/l6uJhCv3AlYF
sVxmYe2oTcsAvrwwYKm1oFdAW5ay7TenZOjKK6GA4zCT7a89pkHkHDv8YgclgA9r
6BDilwKBC9WmAk3GuRCH4n7as1v55CxddAa0N3lA2rJE5LAfuHFddrCOHNLVK12a
v9DxfpPNXQU6xt0TkG3RsmS1PZIKuHf2OSk1qHq/vVwO3W89xiDbeXvGs5INkPfp
+Ed+M0y4k3leX0erDZmywJUlZymQXLPCKgx+9FxQx/pSYY2/hm/M0Uaql9y3cQ37
1wrKx3uzHKapBOKjeR4fH4QZX4TD+lWuLi3SLLb6Ci24GBHj0TKHrdgcqHj14SiI
U/8DCsnX22xV3yEOWw0HfEgUt8REcaOtsM2mW6ilnj1ZqSMaistIm+TKTNP61ACP
4rRn0NSH6yXQSKIQ
=QcRd
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com