Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi

From: VMware Security Team <security () vmware com>
Date: Mon, 07 Feb 2011 21:30:24 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
                  VMware Security Advisory

Advisory ID:       VMSA-2011-0002
Synopsis:          Cisco Nexus 1000V VEM updates address denial of
                  service in VMware ESX/ESXi
Issue date:        2011-02-07
Updated on:        2011-02-07 (initial release of advisory)
CVE numbers:       CVE-2011-0355
- ------------------------------------------------------------------------

1. Summary

  Updated versions of the Cisco Nexus 1000V virtual switch address a
denial
  of service in VMware ESX/ESXi.

2. Relevant releases

  The following VMware products could be affected by a denial of service
  vulnerability that is present in older versions of the Cisco Nexus
  1000V virtual switch:

  - ESXi 4.1
  - ESXi 4.0
  - ESX 4.1
  - ESX 4.0

  The following Cisco products have the vulnerability:

  - Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3b)
  - Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3a)
  - Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3)
  - Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(2)
  - Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(1)
3. Problem Description 

a. Cisco Nexus 1000V Virtual Ethernet Module denial of service

   The Cisco Nexus 1000V Virtual Ethernet Module (VEM) is a virtual
   switch for ESX and ESXi. This switch can be added to ESX and ESXi
   where it replaces the VMware virtual switch and runs as part of the
   ESX and ESXi kernel.

   A flaw in the handling of dropped packets by Cisco Nexus 1000V VEM
   can cause ESX and ESXi to crash.

   The Common Vulnerabilities and Exposures project (cve.mitre.org)
   has assigned the name CVE-2011-0355 to the issue.

   The issue is addressed by Cisco in the following releases:
   - Cisco Nexus 1000V Virtual Ethernet Module Release 4.2(4) SV1(4)
   - Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3c)
   For details refer to the release notes of these releases (see
   section 4 for links).

   VMware customers are only affected by this vulnerability if they
   have chosen to deploy the Cisco Nexus 1000V virtual switch as a
   replacement for the VMware vNetwork Standard Switch or the VMware
   vNetwork Distributed Switch.

   VMware has confirmed that the VMware vNetwork Standard Switch and
   the VMware vNetwork Distributed Switch are not affected by the
   vulnerability.

   The issue is documented by Cisco in Cisco bug ID CSCtj17451 (see
   section 5 for a link).

4. Solution

  Cisco Nexus 1000V Virtual Ethernet Module Release 4.2(1) SV1(4)
  ---------------------------------------------------------------
  Release notes

http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_
1_4/release/notes/n1000v_rn.html
Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3c) 
  ----------------------------------------------------------------
  Release notes

http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_
1_3_c/release/notes/n1000v_rn.html

5. References

  CVE numbers
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0355

  Cisco bug ID CSCtj17451 (registered Cisco customers only)

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fe
tchBugDetails&bugId=CSCtj17451

- ------------------------------------------------------------------------

6. Change log

2011-02-07  VMSA-2011-0002
Initial security advisory in conjunction with the release of Cisco Nexus
1000V Virtual Ethernet Module 1.3c on 2011-02-04.

- -----------------------------------------------------------------------
7. Contact

E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

 * security-announce at lists.vmware.com
 * bugtraq at securityfocus.com
 * full-disclosure at lists.grok.org.uk

E-mail:  security at vmware.com
PGP key at: http://kb.vmware.com/kb/1055

VMware Security Advisories
http://www.vmware.com/security/advisories

VMware security response policy
http://www.vmware.com/support/policies/security_response.html

General support life cycle policy
http://www.vmware.com/support/policies/eos.html

VMware Infrastructure support life cycle policy
http://www.vmware.com/support/policies/eos_vi.html

Copyright 2011 VMware Inc.  All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.8.3 (Build 4028)
Charset: utf-8

wj8DBQFNUNTIS2KysvBH1xkRAk1hAJ9iH1j58lM5KrwVaRYccSN3rWaw/wCePyLP
FHYGA7W1DEcKcOFWj7GkuHE=
=srWD
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: