CVE-2021-37122

Vulnerability

A use-after-free (UAF) vulnerability exists in Huawei CloudEngine 12800, 5800, 6800, and 7800 series switches. The affected versions include CloudEngine 12800 V200R005C10SPC800 and V200R019C00SPC800; CloudEngine 5800 V200R005C10SPC800 and V200R019C00SPC800; CloudEngine 6800 V200R005C10SPC800, V200R005C20SPC800, and V200R019C00SPC800; and CloudEngine 7800 V200R005C10SPC800 and V200R019C00SPC800 [1]. The vulnerability can be triggered when the device processes specially crafted packets, leading to a use-after-free condition in memory management.

Exploitation

An attacker can exploit this vulnerability by sending specifically crafted network packets to an affected Huawei CloudEngine switch. No authentication or user interaction is required; the attacker only needs network access to the target device [1]. The exact sequence of steps is not disclosed, but the vulnerability is triggered during packet processing.

Impact

Successful exploitation of the use-after-free vulnerability may cause the affected service to become abnormal, potentially leading to a denial of service (DoS) condition [1]. The severity is rated as High, and while remote code execution is not explicitly mentioned, service disruption is the confirmed impact.

Mitigation

Huawei has released software updates to fix this vulnerability. For CloudEngine 12800 and 5800, the fixed version is V200R005SPH027 for V200R005C10SPC800, and V200R019C10SPC800 for V200R019C00SPC800. For CloudEngine 6800, the fixed versions are V200R005SPH027 and V200R005C10SPC800? (check). The advisory is available at the referenced link [1]. Users should update their devices to the resolved versions as listed in the security advisory.