Denial of service in Cisco NX-OS Software ICMP Version 6

1) Memory leak

EUVDB-ID: #VU50942

Risk: Medium

CVSSv3.1: 5.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1229

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform denial of service (DoS) attack.

The vulnerability exists due to improper error handling when an IPv6-configured interface receives a specific type of ICMPv6 packet. A remote attacker can force the application to leak memory and cause a denial of service condition on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Cisco MDS 9000 Series Multilayer Switches: 8.4.3.53

Nexus 1000 Virtual Edge for VMware vSphere: 5.2.1 SV5.1.3a

Nexus 1000V Switch for Microsoft Hyper-V: 5.2.1 SV5.1.3a

Nexus 1000V Switch for VMware vSphere: 5.2.1 SV5.1.3a

Cisco Nexus 3000 Series Switches: before 7.0.3 I7.9

Nexus 5500 Platform Switches: before 7.3.8 N1.1

Nexus 6000 Series Switches: before 7.3.8 N1.1

Nexus 7000 Series Switches: before 8.2.5

Cisco Nexus 9000 Series Switches in ACI Mode: before 7.0.3 I7.9

Cisco Nexus 9000 Series Switches NX-OS Mode: before 15.1.3e

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv24541
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv96592
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv96593

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.