You are here

T-552: Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi

February 8, 2011 - 7:49am

Addthis

PROBLEM:

Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi.

PLATFORM:

ESXi 4.1, ESXi 4.0, ESX 4.1, ESX 4.0

The following Cisco products have the vulnerability:

- Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3b)
- Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3a)
- Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3)
- Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(2)
- Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(1)

ABSTRACT:

The Cisco Nexus 1000V Virtual Ethernet Module (VEM) is a virtual switch for ESX and ESXi. This switch can be added to ESX and ESXi where it replaces the VMware virtual switch and runs as part of the ESX and ESXi kernel. A flaw in the handling of dropped packets by Cisco Nexus 1000V VEM can cause ESX and ESXi to crash.

reference LINKS:

Cisco Nexus 1000V Release Notes
VMware Security Advisory
SecurityTracker Alert ID: 1025030
CVE-2011-0355

IMPACT ASSESSMENT:

Medium

Discussion:

The Cisco Nexus 1000V Virtual Ethernet Module (VEM) is a virtual switch for ESX and ESXi. This switch can be added to ESX and ESXi where it replaces the VMware virtual switch and runs as part of the ESX and ESXi kernel.

A flaw in the handling of dropped packets by Cisco Nexus 1000V VEM can cause ESX and ESXi to crash.

VMware customers are only affected by this vulnerability if they have chosen to deploy the Cisco Nexus 1000V virtual switch as a replacement for the VMware vNetwork Standard Switch or the VMware vNetwork Distributed Switch.

VMware has confirmed that the VMware vNetwork Standard Switch and the VMware vNetwork Distributed Switch are not affected by the vulnerability.

Solution:

The issue is addressed by Cisco in the following releases:

- Cisco Nexus 1000V Virtual Ethernet Module Release 4.2(4) SV1(4)
Release 4.2(1) SV1(4)

- Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3c)
Release 4.0(4) SV1(3c)

2011-02-07 VMSA-2011-0002
Initial security advisory in conjunction with the release of Cisco Nexus 1000V Virtual Ethernet Module 1.3c on 2011-02-04.
Cisco bug ID CSCtj17451 (registered Cisco customers only)

Addthis