CVE-2018-0136

A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. This vulnerability affects Cisco Aggregation Services Router (ASR) 9000 Series when the following conditions are met: The router is running Cisco IOS XR Software Release 5.3.4, and the router has installed Trident-based line cards that have IPv6 configured. A software maintenance upgrade (SMU) has been made available that addresses this vulnerability. The fix has also been incorporated into service pack 7 for Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:cisco:ios_xr:5.3.4:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:37

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/102905 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/102905 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1040315 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1040315 - Third Party Advisory, VDB Entry
References () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6 - Patch, Vendor Advisory () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6 - Patch, Vendor Advisory

Information

Published : 2018-01-31 20:29

Updated : 2024-11-21 03:37


NVD link : CVE-2018-0136

Mitre link : CVE-2018-0136

CVE.ORG link : CVE-2018-0136


JSON object : View

Products Affected

cisco

  • asr_9912
  • ios_xr
  • asr_9006
  • asr_9904
  • asr_9001
  • asr_9906
  • asr_9010
  • asr_9910
  • asr_9922
CWE
CWE-20

Improper Input Validation

NVD-CWE-Other