CVE-2020-9124

Description

There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak.

Affected products

• Huawei / CloudEngine 12800V200R002C50SPC800 – V200R002C50SPC800
• Huawei / CloudEngine 12800V200R003C00SPC810 – V200R003C00SPC810
• Huawei / CloudEngine 12800V200R005C00SPC800 – V200R005C00SPC800
• Huawei / CloudEngine 12800V200R005C10SPC800 – V200R005C10SPC800
• Huawei / CloudEngine 5800V200R002C50SPC800 – V200R002C50SPC800
• Huawei / CloudEngine 5800V200R003C00SPC810 – V200R003C00SPC810
• Huawei / CloudEngine 5800V200R005C00SPC800 – V200R005C00SPC800
• Huawei / CloudEngine 5800V200R005C10SPC800 – V200R005C10SPC800
• Huawei / CloudEngine 6800V200R002C50SPC800 – V200R002C50SPC800
• Huawei / CloudEngine 6800V200R003C00SPC810 – V200R003C00SPC810
• Huawei / CloudEngine 6800V200R005C00SPC800 – V200R005C00SPC800
• Huawei / CloudEngine 6800V200R005C10SPC800 – V200R005C10SPC800
• Huawei / CloudEngine 7800V200R002C50SPC800 – V200R002C50SPC800
• Huawei / CloudEngine 7800V200R003C00SPC810 – V200R003C00SPC810
• Huawei / CloudEngine 7800V200R005C00SPC800 – V200R005C00SPC800
• Huawei / CloudEngine 7800V200R005C10SPC800 – V200R005C10SPC800

References

• VENDOR_ADVISORYhttps://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201223-01-cloudengine-en