There is a denial of service vulnerability in some Huawei products. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. Affected product versions include: CloudEngine 12800 versions V200R019C00SPC800; CloudEngine 5800 versions V200R019C00SPC800; CloudEngine 6800 versions V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R019C00SPC800; NE40E versions V800R011C00SPC200, V800R011C00SPC300, V800R011C10SPC100; NE40E-F versions V800R011C00SPC200, V800R011C10SPC100; NE40E-M versions V800R011C00SPC200, V800R011C10SPC100.
The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cloudengine_12800_firmware | Huawei | v200r019c00 (including) | v200r019c00 (including) |
Cloudengine_12800_firmware | Huawei | v200r019c00spc600 (including) | v200r019c00spc600 (including) |
Cloudengine_12800_firmware | Huawei | v200r019c00spc800 (including) | v200r019c00spc800 (including) |
Cloudengine_12800_firmware | Huawei | v200r019c10 (including) | v200r019c10 (including) |