CVE-2017-17141
Description
Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V200R007C00SPC009T; V200R007C00SPC019T; V200R008C00; V200R009C00;S3700 V100R006C03;S5700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R003C02; V200R005C00; V200R005C01; V200R005C02; V200R005C03; V200R006C00; V200R007C00; V200R008C00; V200R009C00;S6700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R005C01; V200R005C02; V200R008C00; V200R009C00;S7700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R006C00; V200R006C01; V200R007C00; V200R007C01; V200R008C00; V200R008C06; V200R009C00;S9700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R008C00; V200R009C00 have a memory leak vulnerability. In some specific conditions, if attackers send specific malformed MPLS Service PING messages to the affected products, products do not release the memory when handling the packets. So successful exploit will result in memory leak of the affected products.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A memory leak in Huawei switches (multiple series) when handling malformed MPLS Service PING messages, leading to denial of service.
Vulnerability
A memory leak vulnerability exists in the MPLS Service PING packet processing module of multiple Huawei switch series, including S12700, S1700, S2700, S3700, S5700, S6700, S7700, and S9700. Affected firmware versions span V100R006C03, V200R001C00 through V200R009C00, with specific builds listed per product in the advisory [1]. When the device receives specially crafted malformed MPLS Service PING messages under specific conditions, it fails to release allocated memory during processing, leading to gradual memory exhaustion.
Exploitation
An attacker must be able to send MPLS Service PING messages to the targeted switch. No authentication or prior access is required; the attack vector is network-based. The attacker crafts malformed MPLS Service PING payloads and transmits them to an affected device. Each malformed packet triggers the memory leak, and repeated transmission will cumulatively consume memory until the device runs out of resources.
Impact
Successful exploitation results in memory exhaustion on the affected device. This can cause the switch to become unresponsive, crash, or reboot, resulting in a denial of service (DoS) condition. There is no indication of code execution, privilege escalation, or data compromise beyond the availability impact.
Mitigation
Huawei has released fixed versions: S12700 should be upgraded to V200R008SPH010 or V200R009C00SPC500; other affected models should consult the advisory [1] for the specific resolved version. If patching is not immediately possible, network administrators can restrict access to MPLS Service PING handling (e.g., via ACLs or disabling MPLS OAM) as a temporary workaround. No known exploitation in the wild at the time of disclosure.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
9- Huawei Technologies Co., Ltd./S12700; S1700; S2700; S3700; S5700; S6700; S7700; S9700v5Range: S12700 V200R005C00
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-mpls-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.