====================================================================

                             CERT-Renater

                 Note d'Information No. 2018/VULN025
_____________________________________________________________________

DATE                : 18/01/2018

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Cisco NX-OS Software versions prior to 7.3(0)D1(1).

=====================================================================
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nx-os
_____________________________________________________________________

Cisco Security Advisory: Cisco NX-OS Software Pong Packet Denial of
Service Vulnerability


Advisory ID: cisco-sa-20180117-nx-os

Revision: 1.0

For Public Release: 2018 January 17 16:00 GMT

Last Updated: 2018 January 17 16:00 GMT

CVE ID(s): CVE-2018-0102

CVSS Score v(3): 7.4 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

+---------------------------------------------------------------------

Summary
=======
A vulnerability in the Pong tool of Cisco NX-OS Software could allow an
unauthenticated, adjacent attacker to cause a reload of an affected
device, resulting in a denial of service (DoS) condition.

The vulnerability exists because the affected software attempts to free
the same area of memory twice. An attacker could exploit this
vulnerability by sending a pong request to an affected device from a
location on the network that causes the pong reply packet to egress
both a FabricPath port and a non-FabricPath port. An exploit could
allow the attacker to cause a dual or quad supervisor virtual
port-channel (vPC) to reload.

  Note: This vulnerability is exploitable only when all of the following
are true:

      The Pong tool is enabled on an affected device. The Pong tool is
disabled in NX-OS by default.
      The FabricPath feature is enabled on an affected device. The
FabricPath feature is disabled in NX-OS by default.

A FabricPath port is actively monitored via a Switched Port Analyzer
(SPAN) session. SPAN sessions are not configured or enabled in NX-OS by
default.

Cisco has released software updates that address this vulnerability.
There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nx-os
["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nx-os"]

==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================