Security Advisory - IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability
- SA No:huawei-sa-20160824-01-ipv6
- Initial Release Date: Aug 24, 2016
- Last Release Date: May 24, 2017
There is a vulnerability in the IP Version 6 (IPv6) Neighbor Discovery packet process of multiple products, successful exploit could allow an unauthenticated, remote attacker to cause an affected device to start dropping legitimate IPv6 neighbors as legitimate ND times out, leading to a denial of service (DoS). (Vulnerability ID: HWPSIRT-2016-06012)
This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-1409.Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-01-ipv6-en
|
Product Name |
Affected Version |
Resolved Product and Version |
|
AR120& AR150& AR160& AR200& AR500& AR510& AR1200& AR2200& AR3200& AR3600 |
V200R005C00 |
Upgrade to V200R007C00SPC900 |
|
V200R006C00 |
||
|
V200R006C10 |
||
|
V200R007C00 |
V200R007C00SPC900 |
|
|
CloudEngine 12800 |
V100R001C00 |
Upgrade to V200R001C00SPC700 |
|
V100R001C01 |
||
|
V100R002C00 |
||
|
V100R003C00 |
||
|
V100R003C10 |
||
|
V100R005C00 |
||
|
V100R005C10 |
||
|
V100R006C00 |
||
|
CloudEngine 5800 |
V100R001C00 |
Upgrade to V200R001C00SPC700 |
|
V100R001C01 |
||
|
V100R002C00 |
||
|
V100R003C00 |
||
|
V100R003C10 |
||
|
V100R005C00 |
||
|
V100R005C10 |
||
|
V100R006C00 |
||
|
CloudEngine 6800 |
V100R001C00 |
Upgrade to V200R001C00SPC700 |
|
V100R001C01 |
||
|
V100R002C00 |
||
|
V100R003C00 |
||
|
V100R003C10 |
||
|
V100R005C00 |
||
|
V100R005C10 |
||
|
V100R006C00 |
||
|
CloudEngine 7800 |
V100R003C00 |
Upgrade to V200R001C00SPC700 |
|
V100R003C10 |
||
|
V100R005C00 |
||
|
V100R005C10 |
||
|
V100R006C00 |
||
|
CloudEngine 8800 |
V100R006C00 |
Upgrade to V200R001C00SPC700 |
|
S12700 |
V200R005C00 |
Upgrade to V200R009C00SPC500 |
|
V200R006C00 |
||
|
V200R007C00 |
||
|
V200R008C00 |
||
|
V200R009C00 |
V200R009C00SPC500 |
|
|
S2300 |
V100R006C05 |
Upgrade to V100R006SPH028 |
|
S2700 |
V100R006C05 |
Upgrade to V100R006SPH028 |
|
S3300 |
V100R006C05 |
Upgrade to V100R006SPH028 |
|
S3700 |
V100R006C05 |
Upgrade to V100R006SPH028 |
|
S5300 |
V200R002C00 |
Upgrade to V200R005C00SPC500+V200R005SPH012 |
|
V200R005C00 |
V200R005C00SPC500+V200R005SPH012 |
|
|
V200R006C00 |
Upgrade to V200R009C00SPC500 |
|
|
V200R007C00 |
||
|
V200R008C00 |
||
|
V200R009C00 |
V200R009C00SPC500 |
|
|
S5700 |
V200R002C00 |
Upgrade to V200R005C00SPC500+V200R005SPH012 |
|
V200R003C00 |
||
|
V200R005C00 |
V200R005C00SPC500+V200R005SPH012 |
|
|
V200R006C00 |
Upgrade to V200R009C00SPC500 |
|
|
V200R007C00 |
||
|
V200R008C00 |
||
|
V200R009C00 |
V200R009C00SPC500 |
|
|
S6300 |
V200R002C00 |
Upgrade to V200R005C00SPC500+V200R005SPH012 |
|
V200R003C00 |
||
|
V200R005C00 |
V200R005C00SPC500+V200R005SPH012 |
|
|
V200R007C00 |
Upgrade to V200R009C00SPC500 |
|
|
V200R008C00 |
||
|
V200R009C00 |
V200R009C00SPC500 |
|
|
S6700 |
V200R002C00 |
Upgrade to V200R005C00SPC500+V200R005SPH012 |
|
V200R003C00 |
||
|
V200R005C00 |
V200R005C00SPC500+V200R005SPH012 |
|
|
V200R007C00 |
Upgrade to V200R009C00SPC500 |
|
|
V200R008C00 |
||
|
V200R009C00 |
V200R009C00SPC500 |
|
|
S7700 |
V200R002C00 |
Upgrade to V200R009C00SPC500 |
|
V200R003C00 |
||
|
V200R005C00 |
||
|
V200R006C00 |
||
|
V200R007C00 |
||
|
V200R008C00 |
||
|
V200R009C00 |
V200R009C00SPC500 |
|
|
S9300 |
V200R002C00 |
Upgrade to V200R009C00SPC500 |
|
V200R003C00 |
||
|
V200R005C00 |
||
|
V200R006C00 |
||
|
V200R007C00 |
||
|
V200R008C00 |
||
|
V200R009C00 |
V200R009C00SPC500 |
|
|
S9700 |
V200R002C00 |
Upgrade to V200R009C00SPC500 |
|
V200R003C00 |
||
|
V200R005C00 |
||
|
V200R006C00 |
||
|
V200R007C00 |
||
|
V200R008C00 |
||
|
V200R009C00 |
V200R009C00SPC500 |
The vulnerability classification has been performed by using the CVSSv2 scoring system (http://www.first.org/cvss/).
Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Temporal Score: 4.1 (E:F/RL:O/RC:C)
1. Prerequisite:
The attacker gains access to the device network;
2. Attacking procedure:
An attacker could exploit this vulnerability by sending crafted IPv6 Neighbor Discovery (ND) packets to an affected device for processing. Successful exploit could allow an unauthenticated, remote attacker to cause an affected device to start dropping legitimate IPv6 neighbors as legitimate ND times out, leading toDOS.
Customers should contact Huawei TAC (Huawei Technical Assistance Center) to request the upgrades. For TAC contact information, please refer to Huawei worldwide website at http://www.huawei.com/en/psirt/report-vulnerabilities.
This vulnerability was reported to Huawei PSIRT by CERT/CC.
2017-05-24 V1.2 UPDATED Updated the affected product list and fixed version
2017-01-18 V1.1 UPDATED Updated the affected product list and fixed version
2016-08-24 V1.0 INITIAL
None
Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.
To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.
To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.
