CVE-2016-8784
Description
Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices. When the values of some parameters in the packet are abnormal, the LDP processing module does not release the memory to handle the packet, resulting in memory leak.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Memory leak in Huawei CloudEngine 12800 LDP processing allows unauthenticated attackers to exhaust device memory via malformed packets.
Vulnerability
A memory leak vulnerability exists in the Label Distribution Protocol (LDP) processing module of Huawei CloudEngine 12800 switches running firmware versions V100R003C00, V100R003C10, V100R005C00, V100R005C10, and V100R006C00. When the device receives specific LDP packets with abnormal parameter values, the LDP processing module fails to release allocated memory, leading to a gradual memory leak [1].
Exploitation
An unauthenticated attacker can exploit this vulnerability by sending crafted LDP packets to the target device. No authentication or prior access is required; the attacker only needs network connectivity to the affected switch. The abnormal parameter values in the LDP packets trigger the memory leak condition [1].
Impact
Successful exploitation causes a persistent memory leak, eventually exhausting available memory on the device. This can lead to denial of service (DoS) as the switch becomes unable to process legitimate traffic or perform normal operations [1].
Mitigation
Huawei has released fixed firmware versions: upgrade to V100R003SPH011, V100R005SPH005, or V100R006SPH005 depending on the original version. No workaround is documented. Users should apply the appropriate patch as soon as possible [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00
- Huawei Technologies Co., Ltd./CloudEngine 12800v5Range: CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.huawei.com/en/psirt/security-advisories/huawei-sa-20161221-01-ldp-enmitrex_refsource_CONFIRM
- www.securityfocus.com/bid/95079mitrevdb-entryx_refsource_BID
News mentions
0No linked articles in our index yet.