Denial of service in Cisco NX-OS Software IPv6

1) Memory leak

EUVDB-ID: #VU50943

Risk: Medium

CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1387

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due memory leak in the network stack. A remote attacker can send multiple crafted IPv6 packets to leak memory and perform denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco Nexus 3000 Series Switches: before 7.0.3 I7.9

Nexus 5500 Platform Switches: before 7.3.8 N1.1

Nexus 5600 Platform Switches: before 7.3.8 N1.1

Nexus 6000 Series Switches: before 7.3.8 N1.1

Nexus 7000 Series Switches: before 8.2.5

Cisco Nexus 9000 Series Switches NX-OS Mode: before 7.0.3 I7.9

UCS 6400 Series Fabric Interconnects: before 8.4.2a

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipv6-netstack-edXPGV7K
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCvu11961
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCvu77380

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.