BSA-2017-326

Brocade Fabric OS

21420

13 October 2017

23 June 2017

Closed

High

7.0

N/A

CVE-2017-7308

Summary

Security Advisory ID : BSA-2017-326

Component : Linux Kernel

Revision : 2.0: Interim

It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
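
The flaw is reachable only by a local process holding CAP_NET_RAW, so an inventory of which processes hold that capability shows where a host is exposed. The following is an added example, not part of the Brocade advisory: it reads the effective capability mask (CapEff) from /proc/<pid>/status and reports holders of CAP_NET_RAW (bit 13). The sample status excerpts and the process name capture-agent are constructed for illustration.

```python
from pathlib import Path

CAP_NET_RAW = 13  # bit index of CAP_NET_RAW in <linux/capability.h>

# Constructed /proc/<pid>/status excerpts (sample data, not from a real host).
SAMPLE_STATUS = [
    "Name:\tsshd\nUid:\t0\t0\t0\t0\nCapEff:\t000001ffffffffff\n",
    "Name:\tbash\nUid:\t1000\t1000\t1000\t1000\nCapEff:\t0000000000000000\n",
    "Name:\tcapture-agent\nUid:\t998\t998\t998\t998\nCapEff:\t0000000000002000\n",
]

def parse_status(text):
    """Return (name, effective uid, CapEff mask), or None if fields are missing."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key] = value.strip()
    if "Uid" not in fields or "CapEff" not in fields:
        return None
    euid = int(fields["Uid"].split()[1])  # columns: real, effective, saved, fs
    return fields.get("Name", "?"), euid, int(fields["CapEff"], 16)

def has_cap_net_raw(cap_eff):
    """True if the CAP_NET_RAW bit is set in an effective capability mask."""
    return bool((cap_eff >> CAP_NET_RAW) & 1)

def audit(status_texts):
    """Return [(name, euid)] for every process whose CapEff includes CAP_NET_RAW."""
    holders = []
    for text in status_texts:
        parsed = parse_status(text)
        if parsed and has_cap_net_raw(parsed[2]):
            holders.append((parsed[0], parsed[1]))
    return holders

def non_root(holders):
    """Holders not running as root: the entries that usually deserve review."""
    return [h for h in holders if h[1] != 0]

def live_status_texts():
    """Yield status text for each live process, skipping ones that have exited."""
    for path in Path("/proc").glob("[0-9]*/status"):
        try:
            yield path.read_text()
        except OSError:
            continue

if __name__ == "__main__":
    for name, euid in audit(live_status_texts()):
        print(f"{name}\teuid={euid}\tCAP_NET_RAW")
```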

Affected Products

| Product | Current Assessment |
|---|---|
| Brocade Services Director | Impacted: Fixed in 17.2. |
| Brocade Virtual Traffic Manager | Impacted: Appliance fixed in 17.2 and later. |

Products Confirmed Not Vulnerable

Brocade 5400 vRouter, Brocade 5600 vRouter, Brocade Fabric OS, Brocade FastIron OS, Brocade NetIron OS, Brocade Network OS, Brocade ServerIron ADX, Brocade Services Director, Brocade SLX-OS, Brocade Virtual ADX, Brocade Virtual Traffic Manager, Brocade Virtual Web Application Firewall, and Brocade Workflow Composer are confirmed not affected by this vulnerability.

Workaround

There are no workarounds that address this vulnerability.


Revision History

| Version | Change | Date |
|---|---|---|
| 1.0 | Initial Publication | June 23, 2017 |
| 2.0 | Updating to address FOS, NOS, SLX, & WC | October 13, 2017 |