Advisory ID: cisco-sa-20150220-ipv6
Revision 1.0
For Public Release 2015 February 20 16:30 UTC (GMT)
+-----------------------------
Summary
=======
A vulnerability in the parsing of malformed IP version 6 (IPv6) packets in Cisco IOS XR Software for Cisco Network Convergence System 6000 (NCS 6000) and Cisco Carrier Routing System (CRS-X) could allow an unauthenticated, remote attacker to cause a reload of a line card that is processing traffic.
The vulnerability is due to improper processing of malformed IPv6 packets carrying extension headers. An attacker could exploit this vulnerability by sending a malformed IPv6 packet, carrying extension headers, through an affected Cisco IOS XR device line card. An exploit could allow the attacker to cause a reload of the line card on the affected Cisco IOS XR device.
Cisco has released free software updates that address this vulnerability.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/
Komentarų nėra:
Rašyti komentarą