Cisco Bug: CSCuw56900 - Cisco GSR 12000 UDP Port Range BFD Denial of Service (DoS) Vulnerability

Last Modified

Jan 11, 2017

Products (1)

  • Cisco 12000 Series Routers

Known Affected Releases

4.3.2.BASE

Description (partial)

Symptom:
A vulnerability in the Application-Specific Integrated Circuit (ASIC) User Datagram Protocol (UDP) 
ingress receive function of Cisco Gigabit Switch Router (GSR) 12000 Series Routers could allow an 
unauthenticated, remote attacker to cause a partial denial of service (DoS) condition in which one 
line card in the router unexpectedly restarts.

The vulnerability is due to improper input validation of the presence of a Bidirectional Forwarding 
Detection (BFD) header in the UDP packet. An attacker could exploit this vulnerability by sending a 
crafted UDP packet with a specific UDP port range and Time To Live (TTL) value to the affected device. 
A successful exploit could cause a line card to restart unexpectedly, resulting in a partial DoS 
condition.

Conditions:
Only line cards with serial interfaces are affected by this vulnerability.
The issue is seen in Cisco IOS XR Software releases 4.3 and later for the GSR 12000.
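The description above identifies the trigger only as a UDP packet with a particular port range and TTL that is not validated for a proper BFD header. As an added example (this is not Cisco's code and not a signature for this bug, whose triggering port range and TTL value are not disclosed on this page), the following Python applies the generic receive-side sanity checks from RFC 5880 and RFC 5881 to IPv4/UDP packets aimed at the well-known BFD ports: TTL 255 for single-hop control packets, and a minimally plausible BFD control header. The port numbers come from the RFCs, not from the bug, and the sample packets are constructed inline, so it runs offline; feed it raw packet bytes from a capture to use it on real traffic.

```python
import struct
from dataclasses import dataclass
from typing import Optional

# Well-known BFD UDP ports (RFC 5881 single-hop control/echo, RFC 5883 multi-hop).
# Assumption: the bug does not say which port range it concerns; these are simply
# the ports on which a BFD header is expected to be present.
BFD_PORTS = {3784: "single-hop control", 3785: "echo", 4784: "multi-hop control"}
BFD_CTRL_MIN_LEN = 24  # mandatory section of a BFD control packet, RFC 5880 s4.1
IPPROTO_UDP = 17


@dataclass
class Finding:
    src: str
    dst: str
    dport: int
    ttl: int
    reason: str


def parse_ipv4_udp(pkt: bytes):
    """Return (src, dst, ttl, sport, dport, udp_payload), or None if not IPv4/UDP."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl + 8 or pkt[9] != IPPROTO_UDP:
        return None
    ttl = pkt[8]
    src = ".".join(str(b) for b in pkt[12:16])
    dst = ".".join(str(b) for b in pkt[16:20])
    sport, dport, ulen = struct.unpack("!HHH", pkt[ihl:ihl + 6])
    if ulen < 8:
        return None  # UDP length cannot be smaller than the UDP header itself
    payload = pkt[ihl + 8:ihl + ulen]
    return src, dst, ttl, sport, dport, payload


def bfd_header_problem(payload: bytes) -> Optional[str]:
    """Apply the receive-side checks of RFC 5880 s6.8.6; None means the header looks sane."""
    if len(payload) < BFD_CTRL_MIN_LEN:
        return f"payload is {len(payload)} bytes, shorter than a BFD control header"
    vers = payload[0] >> 5
    if vers != 1:
        return f"BFD version {vers}, expected 1"
    auth_present = (payload[1] >> 2) & 1  # A bit: sta(2) P F C A D M
    detect_mult = payload[2]
    length = payload[3]
    if length < (26 if auth_present else BFD_CTRL_MIN_LEN):
        return f"BFD length field {length} too small"
    if length > len(payload):
        return f"BFD length field {length} exceeds payload ({len(payload)} bytes)"
    if detect_mult == 0:
        return "BFD detect multiplier is zero"
    my_disc = struct.unpack("!I", payload[4:8])[0]
    if my_disc == 0:
        return "BFD My Discriminator is zero"
    return None


def check_packet(pkt: bytes) -> Optional[Finding]:
    """Return a Finding for a UDP packet aimed at a BFD port that fails the sanity checks."""
    parsed = parse_ipv4_udp(pkt)
    if parsed is None:
        return None
    src, dst, ttl, _sport, dport, payload = parsed
    if dport not in BFD_PORTS:
        return None
    # RFC 5881 s5: single-hop control packets must arrive with TTL 255 (GTSM).
    if dport == 3784 and ttl != 255:
        return Finding(src, dst, dport, ttl, f"single-hop BFD with TTL {ttl}, RFC 5881 requires 255")
    problem = bfd_header_problem(payload)
    if problem:
        return Finding(src, dst, dport, ttl, problem)
    return None


def build_ipv4_udp(src: str, dst: str, ttl: int, sport: int, dport: int, payload: bytes) -> bytes:
    """Constructed test packet; checksums are left at zero since the checks above ignore them."""
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, ttl, IPPROTO_UDP, 0,
                     bytes(int(o) for o in src.split(".")), bytes(int(o) for o in dst.split(".")))
    return ip + udp


# Constructed samples: a well-formed BFD control packet in state Down, the same packet
# with a non-255 TTL, a packet to the BFD port with no BFD header, and unrelated UDP.
BFD_CTRL = struct.pack("!BBBBIIIII", 0x20, 0x40, 3, 24, 0x1234, 0, 1_000_000, 1_000_000, 0)
SAMPLES = {
    "good": build_ipv4_udp("10.0.0.1", "10.0.0.2", 255, 49152, 3784, BFD_CTRL),
    "bad_ttl": build_ipv4_udp("10.0.0.1", "10.0.0.2", 1, 49152, 3784, BFD_CTRL),
    "no_header": build_ipv4_udp("10.0.0.1", "10.0.0.2", 255, 49152, 3784, b"\x00" * 4),
    "other_udp": build_ipv4_udp("10.0.0.1", "10.0.0.2", 64, 49152, 53, b"\x00" * 30),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(name, "->", check_packet(pkt))
```

The checks are deliberately those a conforming BFD receiver must already perform before acting on a packet; a line card that restarts on input failing them is the failure mode the bug describes. Such filtering belongs at the infrastructure edge (only adjacent routers should ever source single-hop BFD), and a hit on a serial-interface line card of a GSR running IOS XR 4.3 or later is worth correlating with any line card reload.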