A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial denial of service (DoS) condition.

The vulnerability is due to improper processing of IPv6 Neighbor Discovery (ND) packets.

An attacker could exploit this vulnerability by sending a number of IPv6 ND packets to be processed by an affected device.

An exploit could allow the attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial DoS service condition.

Workarounds that address this vulnerability are available.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-catalyst
A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial denial of service (DoS) condition.

The vulnerability is due to improper processing of IPv6 Neighbor Discovery (ND) packets.

An attacker could exploit this vulnerability by sending a number of IPv6 ND packets to be processed by an affected device.

An exploit could allow the attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial DoS service condition.

Workarounds that address this vulnerability are available.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-catalyst

Security Impact Rating: Medium

CVE: CVE-2017-3803

Leave a Reply