A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.
The vulnerability exists because the affected software attempts to free the same area of memory twice.
An attacker could exploit this vulnerability by sending a pong request to an affected device from a location on the network that causes the pong reply packet to egress both a FabricPath port and a non-FabricPath port.
An exploit could allow the attacker to cause a dual or quad supervisor virtual port-channel (vPC) to reload.
Note: This vulnerability is exploitable only when all of the following are true:
The Pong tool is enabled on an affected device.
The Pong tool is disabled in NX-OS by default.
The FabricPath feature is enabled on an affected device.
The FabricPath feature is disabled in NX-OS by default.
A FabricPath port is actively monitored via a Switched Port Analyzer (SPAN) session.
SPAN sessions are not configured or enabled in NX-OS by default.
Cisco has released software updates that address this vulnerability.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
Security Impact Rating: High