Cisco IPv6 Processing Vulnerability

Wednesday, February 25, 2015 @ 11:02 AM gHale

Cisco’s NCS 6000 and Carrier Routing System (CRS-X) have an IPv6 software bug that needs patching, officials said.

The bug affects how Cisco IOS XR devices parse IPv6 packets, and an attack exploiting the problem could force a restart of the line card processing the traffic.

“An attacker could exploit this vulnerability by sending a malformed IPv6 packet, carrying extension headers, through an affected Cisco IOS XR device line card,” the company’s advisory said. “This vulnerability could be exploited repeatedly to cause an extended DoS (Denial of Service) condition.”

It is only a problem if you process IPv6 traffic using the vulnerable IOS XR software. It’s also restricted to traffic transiting the affected device: Traffic using the device headed somewhere else will not trigger the vulnerability.

For the Cisco NCS 6000, all versions of the IOS XR software except 5.3.2 suffer from the issue. For IOS XR on CRS-X, the issue affects all versions that support CRS-X line cards, including the 400 Gbps Modular Service Card (MSC) and 400 Gbps Forwarding Processor Cards. The safe version is 5.3.0; all other versions are vulnerable.

The case number for the vulnerability is CVE-2015-0618.
