Cisco Bug: CSCuo37957 - ATTN-3-SYNC_TIMEOUT - IOS-XE CPU Resource Consumption Vulnerability

Last Modified

Oct 03, 2019

Products (1)

  • Cisco ASR 1000 Series Aggregation Services Routers

Known Affected Releases

15.3(3)S

Description (partial)

Symptom:
A vulnerability in the packet reassembly subsystem of Cisco IOS-XE could allow an unauthenticated, remote attacker to consume CPU resources which may lead to a denial of service (DoS) condition.

The vulnerability is due to an error message that is written to both the console and syslog when a fragmented packet cannot be properly reassembled. When an affected device fails to complete reassembly, instead of silently dropping the fragments it may emit an ATTN-3-SYNC_TIMEOUT error message. On a highly loaded device, this can be leveraged to consume CPU resources needed by another process, resulting in a temporary halt of the queued process. In some situations this may lead to a drop of transit traffic. An attacker could trigger this vulnerability by sending a series of IPv4 or IPv6 fragments directly to the affected device that are designed to trigger the error message.

Cisco IOS-XE devices rate limit error messages to once every 60 seconds by default.
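Because the symptom of this bug surfaces as a repeated ATTN-3-SYNC_TIMEOUT syslog message, a defender can watch exported device logs for a sustained run of that mnemonic from one host. The following is an added example, not code from Cisco or from this bug record: it parses syslog lines in the common IOS-XE shape `host: timestamp: %FACILITY-SEVERITY-MNEMONIC: text`, counts ATTN-3-SYNC_TIMEOUT messages per device in a sliding window, and flags hosts whose count reaches a threshold. The sample log lines, the message text after the mnemonic, the hostnames, and the window and threshold values are all constructed for illustration. Since the device itself rate-limits the message to once per 60 seconds by default, the count is a floor on the number of failed reassemblies, not an exact figure.

```python
import re
from collections import defaultdict

# Mnemonic named in the bug description.
MNEMONIC = "ATTN-3-SYNC_TIMEOUT"

# Constructed sample lines (not real device output). Only the
# %FACILITY-SEVERITY-MNEMONIC token follows the real IOS-XE convention.
SAMPLE_LOG = """\
asr1k-edge1: Oct  3 10:00:01.123: %ATTN-3-SYNC_TIMEOUT: constructed reassembly timeout text
asr1k-edge1: Oct  3 10:01:02.456: %ATTN-3-SYNC_TIMEOUT: constructed reassembly timeout text
asr1k-edge1: Oct  3 10:02:03.789: %ATTN-3-SYNC_TIMEOUT: constructed reassembly timeout text
asr1k-edge1: Oct  3 10:02:40.000: %SYS-5-CONFIG_I: Configured from console by admin
asr1k-edge2: Oct  3 10:05:00.000: %ATTN-3-SYNC_TIMEOUT: constructed reassembly timeout text
asr1k-edge2: Oct  3 11:30:00.000: %LINK-3-UPDOWN: Interface GigabitEthernet0/0/0, changed state to down
"""

LINE_RE = re.compile(
    r"^(?P<host>\S+): "
    r"(?P<mon>[A-Z][a-z]{2})\s+(?P<day>\d{1,2}) "
    r"(?P<h>\d{2}):(?P<m>\d{2}):(?P<s>\d{2})(?:\.\d+)?: "
    r"%(?P<mnemonic>[A-Z0-9_]+-\d-[A-Z0-9_]+): (?P<text>.*)$"
)

MONTHS = {name: idx for idx, name in enumerate(
    ["Jan", "Feb", "Mar", "Apr", "May", "Jun",
     "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"], start=1)}


def parse_line(line):
    """Return (host, ordinal_seconds, mnemonic) for a syslog line, or None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    # The IOS timestamp carries no year, so build a crude ordinal that is
    # monotonic within one year; good enough for windowing (assumption).
    secs = (((MONTHS[m["mon"]] * 31 + int(m["day"])) * 24 + int(m["h"])) * 60
            + int(m["m"])) * 60 + int(m["s"])
    return m["host"], secs, m["mnemonic"]


def find_bursts(log_text, window=600, threshold=3):
    """Map host -> largest number of ATTN-3-SYNC_TIMEOUT messages seen within
    any `window` seconds, for hosts whose count reaches `threshold`."""
    per_host = defaultdict(list)
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed and parsed[2] == MNEMONIC:
            per_host[parsed[0]].append(parsed[1])

    flagged = {}
    for host, times in per_host.items():
        times.sort()
        best, start = 0, 0
        # Sliding window over sorted timestamps.
        for end, t in enumerate(times):
            while t - times[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            flagged[host] = best
    return flagged


if __name__ == "__main__":
    for host, count in find_bursts(SAMPLE_LOG).items():
        print(f"{host}: {count} x {MNEMONIC} within 600s - investigate fragment sources")
```

Run as-is it reports asr1k-edge1, which logged three timeouts in about two minutes, and stays quiet about asr1k-edge2, which logged one. Tune `window` and `threshold` to the rate-limit interval configured on your devices; with the default of one message per 60 seconds, three messages in ten minutes already means reassembly has been failing for most of that period.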

Conditions:
Cisco ASR 1000, Cisco CSR 1000V, or Cisco ISR 4400 series devices running an affected version of Cisco IOS-XE are vulnerable.