Support Content Notification - Support Portal

BSA-2017-343

Product/Component

Brocade Fabric OS

2 more products

Notification Id

21361

Last Updated

27 October 2017

Initial Publication Date

23 June 2017

Status

Closed

Severity

Medium

CVSS Base Score

5.5

WorkAround

N/A

Affected CVE

CVE-2017-9242

Summary
Security Advisory ID : BSA-2017-343
Component : Kernel
Revision : 3.0: Final

The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.

Affected Products

No Brocade product lines are affected by this vulnerability.

Products Confirmed Not Vulnerable

Brocade Fabric OS, Brocade FastIron OS, Brocade NetIron OS, Brocade Network OS, Brocade ServerIron ADX, Brocade Services Director, Brocade SLX-OS, Brocade Virtual ADX, Brocade Virtual Traffic Manager, Brocade Virtual Web Application Firewall and Brocade Workflow Composer are confirmed not affected by this vulnerability.

Workaround

There are no workarounds that address this vulnerability.

Revision History

Version	Change	Date
1.0	Initial Publication	June 23, 2017
2.0	Updated to address FOS, NOS, & WC	October 13, 2017
3.0	Updated to address ADX & vADX	October 27, 2017

Summary Security Advisory ID : BSA-2017-343 Component : Kernel Revision : 3.0: Final

Revision History

Summary
Security Advisory ID : BSA-2017-343
Component : Kernel
Revision : 3.0: Final