Today, VMware has released the following new security advisory:
VMSA-2017-0014 – VMware NSX-V Edge updates address OSPF Protocol LSA DoS
The advisory documents a hard to exploit denial of service vulnerability in the implementation of the OSPF protocol in NSX-V Edge (CVE-2017-4920). This issue is present due to incorrect handling of link-state advertisements (LSA). NSX-V Edge 6.2.8 and NSX-V Edge 6.3.3 address the issue.
We would like to thank Adi Sosnovich, Orna Grumberg and Gabi Nakibly for reporting this issue to us.
Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories.
Customers should review the security advisory and direct any questions to VMware Support.