CVE-2011-0355

Name of the Vulnerable Software and Affected Versions Cisco Nexus 1000V Virtual Ethernet Module (VEM) versions 4.0(4) SV1(1) through SV1(3b)

Description The issue is related to the improper handling of dropped packets, which can be exploited by guest OS users to cause a denial of service. This can be achieved by sending an 802.1Q tagged packet over an access vEthernet port, resulting in the crash of the ESX or ESXi host OS.

Recommendations For Cisco Nexus 1000V Virtual Ethernet Module (VEM) versions 4.0(4) SV1(1) through SV1(3b), consider restricting access to the vEthernet port to minimize the risk of exploitation. As a temporary workaround, avoid using 802.1Q tagged packets over access vEthernet ports until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.