Cisco Nexus 1000V是一款Cisco Nexus交换机的纯软件实现。当处理802.1Q标记的报文时存在错误,攻击者可以利用漏洞在当虚拟机在vEthernet端口上发送报文时使设备崩溃。漏洞影响如下产品:* Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3b)* Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3a)* Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3)* Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(2)* Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(1)
Cisco Nexus 1000V Virtual Ethernet Module 4.2(1) SV1(4)和4.0(4) SV1(3c)已经修复此漏洞,建议用户下载使用:http://www.cisco.com/en/US/products/ps9902/tsd_products_support_series_home.html