Guest

Preview Tool

Cisco Bug: CSCup37676 - OTV jumbo packet fragmentation and reassembly causes ASR1K CPP crash

Last Modified

Apr 19, 2019

Products (1)

  • Cisco ASR 1000 Series Aggregation Services Routers

Known Affected Releases

15.3(3)S1

Description (partial)

Symptoms:

A vulnerability in OTV processing code of Cisco IOS XE could allow an unauthenticated, adjacent attacker to cause a reload of the affected device.

The vulnerability is due to improper processing of oversized OTV frames passing through an affected device. An attacker could exploit this vulnerability by sending a number of packets that are processed as oversized OTV frames that may require 
fragmentation and reassembly by an affected device. An exploit could allow the attacker to cause a reload of the affected device.

Conditions:
This has been seen on two ASR1002-X's running IOS-XE 03.10.01.S.  Crash was seen when passing large packets across an OTV topology.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.