CVE Vulnerabilities

CVE-2023-20089

Missing Release of Memory after Effective Lifetime

Published: Feb 23, 2023 | Modified: Nov 07, 2023
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This vulnerability is due to incorrect error checking when parsing ingress LLDP packets. An attacker could exploit this vulnerability by sending a steady stream of crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause a memory leak, which could result in a denial of service (DoS) condition when the device unexpectedly reloads. Note: This vulnerability cannot be exploited by transit traffic through the device. The crafted LLDP packet must be targeted to a directly connected interface, and the attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). In addition, the attack surface for this vulnerability can be reduced by disabling LLDP on interfaces where it is not required.

Weakness

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

Affected Software

Name Vendor Start Version End Version
Nx-os Cisco 15.2(1g) (including) 15.2(1g) (including)
Nx-os Cisco 15.2(2e) (including) 15.2(2e) (including)
Nx-os Cisco 15.2(2f) (including) 15.2(2f) (including)
Nx-os Cisco 15.2(2g) (including) 15.2(2g) (including)
Nx-os Cisco 15.2(2h) (including) 15.2(2h) (including)
Nx-os Cisco 15.2(3e) (including) 15.2(3e) (including)
Nx-os Cisco 15.2(3f) (including) 15.2(3f) (including)
Nx-os Cisco 15.2(3g) (including) 15.2(3g) (including)
Nx-os Cisco 15.2(4d) (including) 15.2(4d) (including)
Nx-os Cisco 15.2(4e) (including) 15.2(4e) (including)
Nx-os Cisco 15.2(4f) (including) 15.2(4f) (including)
Nx-os Cisco 15.2(5c) (including) 15.2(5c) (including)
Nx-os Cisco 15.2(5d) (including) 15.2(5d) (including)
Nx-os Cisco 15.2(5e) (including) 15.2(5e) (including)
Nx-os Cisco 16.0(1g) (including) 16.0(1g) (including)
Nx-os Cisco 16.0(1j) (including) 16.0(1j) (including)

Potential Mitigations

  • Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
  • For example, glibc in Linux provides protection against free of invalid pointers.
  • When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
  • To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.

References