PT-2017-14729 · Huawei · Huawei S2700+8
Published: 2017-12-06 · Updated: 2019-10-03 · CVE-2017-17141
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions
Huawei S12700 versions V200R005C00 through V200R009C00
Huawei S1700 versions V200R006C10 through V200R009C00
Huawei S2700 versions V100R006C03 through V200R009C00
Huawei S3700 version V100R006C03
Huawei S5700 versions V200R001C00 through V200R009C00
Huawei S6700 versions V200R001C00 through V200R009C00
Huawei S7700 versions V200R001C00 through V200R009C00
Huawei S9700 versions V200R001C00 through V200R009C00
Description
The issue is related to a memory leak vulnerability in certain Huawei products. When attackers send specific malformed MPLS Service PING messages to the affected products under specific conditions, the products fail to release the memory when handling the packets, resulting in a memory leak.
Recommendations
For Huawei S12700 versions V200R005C00 through V200R009C00, restrict access to the MPLS Service PING messages to minimize the risk of exploitation.
For Huawei S1700 versions V200R006C10 through V200R009C00, consider disabling the handling of MPLS Service PING messages until a patch is available.
For Huawei S2700 versions V100R006C03 through V200R009C00, avoid using the vulnerable function related to MPLS Service PING message handling.
For Huawei S3700 version V100R006C03, restrict access to the vulnerable module to minimize the risk of exploitation.
For Huawei S5700 versions V200R001C00 through V200R009C00, consider applying configuration changes to limit the impact of the memory leak.
For Huawei S6700 versions V200R001C00 through V200R009C00, temporarily disable the handling of MPLS Service PING messages until a patch is available.
For Huawei S7700 versions V200R001C00 through V200R009C00, restrict access to the vulnerable API endpoint related to MPLS Service PING messages.
For Huawei S9700 versions V200R001C00 through V200R009C00, consider applying configuration changes to limit the impact of the memory leak.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Weakness Enumeration
Missing Release of Resource after Effective Lifetime
Related Identifiers
Affected Products
Huawei S12700
Huawei S1700
Huawei S2700
Huawei S3700
Huawei S5700
Huawei S6700
Huawei S7700
Huawei S9700
Huawei VRP