BSA-2018-526
21324
12 March 2018
17 January 2018
Closed
Medium
7.5
Yes
CVE-2017-6227
Summary
Security Advisory ID : BSA-2018-526
Component : Fabric OS IPv6 stack
Revision : 2.0: Final
A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) could allow an unauthenticated, adjacent attacker to cause a denial of service (CPU consumption and device hang) condition by sending crafted Router Advertisement (RA) messages to a targeted system. All versions of Brocade Fabric OS are affected.
Affected Products
Brocade Fabric OS -- Impacted: Fixed in v7.4.2c, v8.1.2 and v8.2.0
Products Confirmed Not Vulnerable
No other Brocade Fibre Channel technology products from Broadcom are currently known to be affected by this vulnerability.
Solution
Brocade has fixed the vulnerability described in this advisory in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) v7.4.2c, v8.1.2, v8.2.0 and later releases. The patch releases have been posted to the MyBrocade web portal.
Workaround
To exploit this vulnerability, an attacker must be on the same local network as the targeted system. Minimizing exposure to this vulnerability can be done by using firewall and ipfilter to limit access to switch to trusted hosts only.
Recommended Action
Brocade strongly recommends that all customers running the impacted version(s) install the patch.
Credit
This vulnerability has been found through internal SQA testing.
Revision History
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | January 17, 2018 |
2.0 | Code versionupdated | March 12, 2018 |