Cisco IOS XR Typhoon-based Line Cards and Network Processor (NP) Chip DoS

High severity, Nessus Plugin ID 83054

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The remote Cisco device is running a version of Cisco IOS XR software that is affected by an error due to the improper processing of IPv4 packets routed through the bridge-group virtual interface (BVI) whenever Unicast Reverse Path Forwarding (uRPF), policy-based routing (PBR), quality of service (QoS), or access control lists (ACLs) are enabled. A remote, unauthenticated attacker can exploit this error to cause the device to lock up, forcing it to eventually reload the network processor chip and line card that are processing traffic.

Note that this issue only affects Cisco ASR 9000 series devices using Typhoon-based line cards.

Solution

Apply the relevant patch referenced in Cisco bug ID CSCur62957.

See Also

http://www.nessus.org/u?7ebd0350

https://tools.cisco.com/security/center/viewAlert.x?alertId=38182

https://tools.cisco.com/bugsearch/bug/CSCur62957

Plugin Details

Severity: High

ID: 83054

File Name: cisco-sa-20150415-iosxr.nasl

Version: 1.14

Type: combined

Family: CISCO

Published: 4/24/2015

Updated: 4/8/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2015-0695

Vulnerability Information

CPE: cpe:/o:cisco:ios_xr

Required KB Items: Host/Cisco/IOS-XR/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 4/14/2015

Vulnerability Publication Date: 4/14/2015

Reference Information

CVE: CVE-2015-0695

BID: 74162

CISCO-SA: cisco-sa-20150415-iosxr

CISCO-BUG-ID: CSCur62957