Guest

Preview Tool

Cisco Bug: CSCuq10466 - IOS XR Software Malformed MPLS Packet Denial of Service Vulnerability

Last Modified

May 11, 2018

Products (3)

  • Cisco Network Convergence System 6000 Series Routers
  • Cisco NCS 6008 - 8-Slot Chassis
  • Cisco IOS XR Software

Known Affected Releases

5.0.1.BASE 5.0.1.LC

Description (partial)

Symptom: 
A vulnerability in parsing of malformed Multiprotocol Label Switching (MPLS) packets in Cisco IOS XR Software for Cisco Network Convergence System 6000 Series Routers could allow an unauthenticated, 
adjacent attacker to cause a lockup and eventual reload of a network processor unit (NPU) and a line card processing traffic. 
 
The vulnerability is due to insufficient logic in parsing MPLS packets. An attacker could exploit this vulnerability by sending a malformed MPLS packet to be processed by the affected device. An exploit could allow 
the attacker to cause a lockup and eventual reload of a network processor unit and a line card, leading to a denial of service (DoS) condition.
 
 
Conditions:
Device configured to process MPLS packets.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.