CVE-2015-4324

Name of the Vulnerable Software and Affected Versions Cisco NX-OS versions 7.3(0)ZN(0.81) Cisco NX-OS version 4.1(2)E1(1c) Cisco NX-OS version 7.2(0)N1(0.1)

Description The issue is caused by a buffer overflow in the Cisco NX-OS, allowing remote attackers to cause a denial of service via a malformed IGMPv3 packet. This occurs due to improper input validation when ensuring the memory allocated is large enough for the number of included sources in the IGMPv3 packet. An attacker could exploit this by sending a crafted IGMPv3 packet to the targeted device, potentially causing the IGMP process to restart. The attacker must be on the same broadcast or collision domain as the affected device to exploit this issue.

Recommendations For Cisco NX-OS version 7.3(0)ZN(0.81), update to a fixed software version to resolve the issue. For Cisco NX-OS version 4.1(2)E1(1c), update to a fixed software version to resolve the issue. For Cisco NX-OS version 7.2(0)N1(0.1), update to a fixed software version to resolve the issue. As a temporary workaround, consider restricting access to the IGMPv3 snooping feature on affected devices until a patch is available.