Possible buffer overflow in portcfgfportbuffers in Brocade Fabric OS

Vulnerability

A buffer overflow vulnerability exists in the portcfgfportbuffers command of Brocade Fabric OS. A local authenticated privileged user can supply large input to buffers, triggering a buffer overflow condition that leads to a kernel panic. All versions of Brocade Fabric OS prior to the fixed releases are affected, including versions before v9.2.0a [1].

Exploitation

An attacker must have local authenticated privileged access to a Brocade switch running an affected version of Fabric OS. The attacker then executes the portcfgfportbuffers command with oversized input, causing a buffer overflow that results in a kernel panic [1]. No user interaction beyond the attacker's own actions is required.

Impact

Successful exploitation causes a kernel panic, resulting in a denial of service (system crash). The vulnerability does not appear to allow code execution or privilege escalation; the primary impact is on availability [1].

Mitigation

Brocade has released fixed versions: Fabric OS v9.2.0a, v9.1.1d, and v8.2.3e [1]. Users should upgrade to one of these versions or later. No workarounds are documented. The vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog as of the publication date.