Guest

Preview Tool

Cisco Bug: CSCuj72215 - RTCP packets fill up input queue causing performance issues

Last Modified

Apr 24, 2020

Products (1)

  • Cisco IOS

Known Affected Releases

15.2(4)M2.9 15.2(4)M4.4

Description (partial)

Symptom:
 
A vulnerability in handling of RTCP traffic of Cisco CUBE could allow an unauthenticated, remote attacker to cause traffic destined to an affected 
device as well as traffic that needs to be processed-switched to fail.
 
The vulnerability is due to exhaustion of interface input queue by the RTCP traffic. An attacker could exploit this vulnerability by sending RTCP packet 
in a specific sequence. An exploit could allow the attacker to cause traffic destined to an affected device as well as traffic that needs to be processed-
switched to fail.
 
 
Conditions: 
 
RTCP packets have been found to be associated with SIP but any voice protocol may be involved.
 
The default input queue size is 75 on ISR routers. When the input queue fills up, the size (76) will  exceed the max.  This may look like an input queue 
wedge on the surface but for this bug, the 
packets should be drained once the call is torn down and the socket is removed.  
The RTCP packets should only be punted to the CPU for processing (and thus hit the input queue) when the RTP session isn't yet established and we 
don't have a socket.  Once this establishment is done, RTCP traffic should be processed in the fast-path.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.