Cisco Bug: CSCuq10466 - IOS XR Software Malformed MPLS Packet Denial of Service Vulnerability
May 11, 2018
- Cisco Network Convergence System 6000 Series Routers
- Cisco NCS 6008 - 8-Slot Chassis
- Cisco IOS XR Software
Known Affected Releases
Symptom: A vulnerability in parsing of malformed Multiprotocol Label Switching (MPLS) packets in Cisco IOS XR Software for Cisco Network Convergence System 6000 Series Routers could allow an unauthenticated, adjacent attacker to cause a lockup and eventual reload of a network processor unit (NPU) and a line card processing traffic. The vulnerability is due to insufficient logic in parsing MPLS packets. An attacker could exploit this vulnerability by sending a malformed MPLS packet to be processed by the affected device. An exploit could allow the attacker to cause a lockup and eventual reload of a network processor unit and a line card, leading to a denial of service (DoS) condition. Conditions: Device configured to process MPLS packets.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases