‘Cisco IOS XR Software IP Packet Vulnerability’
‘The original article can be found at: http://www.cisco.com/warp/public/707/cisco-sa-20110525-iosxr.shtml‘
* Cisco IOS XR Software Releases 3.8.3
* Cisco IOS XR Software Releases 3.8.4
* Cisco IOS XR Software Releases 3.9.1
* Cisco IOS Software
* Cisco IOS XE Software for Cisco ASR 1000 Series Routers
* Cisco NX-OS Software
Successful exploitation could cause the NetIO process to restart. Under a sustained attack, the Cisco CRS Modular Services Card (MSC) on a Cisco Carrier Routing System (CRS) or a Line Card on a Cisco 12000 Series Router or Cisco ASR 9000 Series Aggregation Services Router will reload.
This vulnerability affects any device that is running affected releases of Cisco IOS XR Software and has an IPv4 address configured on one of the interfaces of a Cisco Line Card or Cisco CRS MSC.
When a Cisco Line Card or Cisco CRS MSC sends a specific IPv4 packet, the NetIO process will restart. If the NetIO process is restarted several times, the Cisco Line Card or Cisco CRS MSC will reload, which could cause a denial of service (DoS) condition for traffic that is transiting the affected line cards.
Although a crash is caused by a packet that originates from the Cisco Line Card or Cisco CRS MSC, an unauthenticated, remote user can trigger the vulnerability by sending specific IP packets to or through the device. In the latter scenario, the Cisco Line Card or Cisco CRS MSC will create the specific IPv4 packet response that triggers the vulnerability.
Successful exploitation of the vulnerability may result in a reload of the Cisco CRS MSC on a Cisco CRS or the line cards on a Cisco 12000 Series Router or Cisco ASR 9000 Series Aggregation Services Router. Repeated exploitation could result in a sustained DoS condition.
Revision 1.0 2011-May-25 Initial public release.’