PT-2016-7569 · Huawei · Cloudengine 6800+6
Published 2016-11-23 · Updated 2017-04-05 · CVE-2016-8795
CVSS v2.0: 7.1 (High)
| Vector | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Huawei CloudEngine 12800 versions V100R002C00 through V100R006C00
Huawei CloudEngine 5800 versions V100R002C00 through V100R006C00
Huawei CloudEngine 6800 versions V100R002C00 through V100R006C00
Huawei CloudEngine 7800 versions V100R003C00 through V100R006C00
Huawei CloudEngine 8800 version V100R006C00
Huawei Secospace USG6600 version V500R001C00
Description
The issue is caused by an integer overflow that can be triggered by remote, unauthenticated attackers crafting specific IPFPM packets. This is due to the lack of validation in some fields of the packet. The exploitation of this issue can cause the device to reset.
Recommendations
For Huawei CloudEngine 12800 versions V100R002C00 through V100R006C00, update to a version that includes the fix for this issue.
For Huawei CloudEngine 5800 versions V100R002C00 through V100R006C00, update to a version that includes the fix for this issue.
For Huawei CloudEngine 6800 versions V100R002C00 through V100R006C00, update to a version that includes the fix for this issue.
For Huawei CloudEngine 7800 versions V100R003C00 through V100R006C00, update to a version that includes the fix for this issue.
For Huawei CloudEngine 8800 version V100R006C00, update to a version that includes the fix for this issue.
For Huawei Secospace USG6600 version V500R001C00, update to a version that includes the fix for this issue.
As a temporary workaround, consider restricting access to IPFPM packets to minimize the risk of exploitation.
Fix
Integer Overflow
Weakness Enumeration
Related identifiers
Affected products
Cloudengine 12800
Cloudengine 5800
Cloudengine 6800
Cloudengine 7800
Cloudengine 8800
Huawei Vrp
Secospace Usg6600