Some Huawei products have a memory leak vulnerability. When the packet processing module of the device processes abnormal Multiprotocol Label Switching (MPLS) packets sent by attackers, the module repeatedly applies for memory, resulting in memory exhaustion in persistent attacks. (Vulnerability ID: HWPSIRT-2016-03049)
This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-8797.
Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160608-01-mpls-en
CPE | Name | Operator | Version |
---|---|---|---|
ar3200 | eq | V200R007C00 | |
ar3200 | eq | V200R005C32 | |
ar3200 | eq | V200R005C20 | |
s12700 | eq | V200R008C00 | |
s12700 | eq | V200R007C00 | |
s5300 | eq | V200R008C00 | |
s5300 | eq | V200R007C00 | |
s5300 | eq | V200R006C00 | |
s5700 | eq | V200R008C00 | |
s5700 | eq | V200R007C00 |