Guest

Preview Tool

Cisco Bug: CSCuo95165 - IOS XR Software Malformed IPv6 Packet Denial of Service Vulnerability

Last Modified

Jan 24, 2019

Products (24)

  • Cisco Carrier Routing System
  • Cisco CRS-1 Line Card Chassis (Dual)
  • Cisco CRS-1 16-Slot Line Card Chassis
  • Cisco CRS-1 Line Card Chassis (Multi)
  • Cisco CRS-3 Multishelf System
  • Cisco IOS XR Software
  • Cisco ASR 9922 Router
  • Cisco CRS-1 4-Slot Single-Shelf System
  • Cisco ASR 9010 Router
  • Cisco CRS-1 Fabric Card Chassis
View all products in Bug Search Tool Login Required

Known Affected Releases

4.3.2.BASE

Description (partial)

Symptom:
A vulnerability in the ICMPv6 client library of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause high CPU utilization on a line card of the device running Cisco IOS XR Software and certain IPv6 traffic to the affected device could be dropped.

The vulnerability is due to improper processing of malformed IPv6 packets. An attacker could exploit this vulnerability by sending a malformed IPv6 packet to be processed when IPv6 is configured on an affected device. An exploit could allow the attacker to cause high CPU utilization on a line card of the affected device, and certain IPv6 traffic to the affected device could be dropped.

Conditions:
Device configured to process IPv6 traffic.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.