Support Content Notification - Support Portal

BSA-2017-334

Product/Component

Brocade Fabric OS

2 more products

Notification Id

21500

Last Updated

08 September 2017

Initial Publication Date

23 June 2017

Status

Closed

Severity

Low

CVSS Base Score

3.3

WorkAround

N/A

Affected CVE

CVE-2016-9841

Summary
Security Advisory ID : BSA-2017-334
Component : zlib
Revision : 2.0: Interim

An old inffast.c optimization turns out to not be optimal anymore with modern compilers, and furthermore was not compliant with theC standard, for which decrementing a pointer before its allocated memory is undefined.

Affected Products

Product	Current Assessment
Brocade Virtual Web Application Firewall	Impacted: Upgrade to 4.9-42756.

Products Confirmed Not Vulnerable

Brocade Fabric OS, Brocade FastIron OS, Brocade NetIron OS, Brocade Network Advisor, Brocade ServerIronADX, Brocade SLX-OS, and Brocade Virtual ADX are confirmed not affected by this vulnerability.

Workaround

There are no workarounds that address this vulnerability.

Revision History

Version	Change	Date
1.0	Initial Publication	June 23, 2017
2.0	Updated to address BNA	September 8, 2017

Summary Security Advisory ID : BSA-2017-334 Component : zlib Revision : 2.0: Interim

Affected Products

Products Confirmed Not Vulnerable

Workaround

Revision History

Summary
Security Advisory ID : BSA-2017-334
Component : zlib
Revision : 2.0: Interim