BSA-2017-380

Brocade Fabric OS

2 more products

21406

25 August 2017

25 August 2017

Closed

Medium

5.9

N/A

CVE-2017-7521

Summary

Security Advisory ID : BSA-2017-380

Component : OpenVPN

Revision : 1.0: Interim

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension().

Affected Products

Brocade is investigating its product lines to determine which products may be affected by this vulnerability and the impact on each affected product.

Products Confirmed Not Vulnerable

Brocade Fabric OS, Brocade FastIron OS, Brocade NetIron OS, Brocade Network Advisor, Brocade Network OS, Brocade ServerIron ADX, Brocade SLX-OS, and Brocade Virtual ADX are confirmed not affected by this vulnerability.

Workaround

There are no workarounds that address this vulnerability.


Revision History

Version Change Date
1.0 Initial Publication August 25, 2017