Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability
You are here
A vulnerability in the parsing of malformed IP version 6 (IPv6) packets in Cisco IOS XR Software for Cisco Network Convergence System 6000 (NCS 6000) and Cisco Carrier Routing System (CRS-X) could allow an unauthenticated, remote attacker to cause a reload of a line card that is processing traffic.
The vulnerability is due to improper processing of malformed IPv6 packets carrying extension headers. An attacker could exploit this vulnerability by sending a malformed IPv6 packet, carrying extension headers, through an affected Cisco IOS XR device line card. An exploit could allow the attacker to cause a reload of the line card on the affected Cisco IOS XR device.
CERT Uganda encourages its users and administrators to review the Cisco Advisory and apply the necessary updates.
[source] http://cert.ug/article/cisco-ios-xr-software-ipv6-malformed-packet-denia...