
T-631: Cisco XR 12000 Series Shared Port Adapters Interface Processor Vulnerability

May 26, 2011 - 3:35pm


PROBLEM:

A vulnerability was reported in Cisco IOS XR 12000. A remote user can cause denial of service conditions.

PLATFORM:

This vulnerability affects any device that is running Cisco IOS XR Software Releases 3.9.0, 3.9.1, 3.9.2, 4.0.0, 4.0.1, 4.0.2, or 4.1.0 and has a SPA interface processor installed.

The vulnerability affects all Engine 5 line cards on the Cisco XR 12000 Series Routers. The Engine 5 line cards are the SIP-600, SIP-601, SIP-501, and SIP-401.

ABSTRACT:

This vulnerability affects any device that is running affected releases of Cisco IOS XR Software and has an IPv4 address configured on any of the SPA interface processor interfaces.
 

REFERENCE LINKS:

Advisory ID: cisco-sa-20110525-iosxrspa
SecurityTracker Alert ID: 1025567
Cisco Software Download
Software Versions and Fixes
CVE-2011-1651
 

IMPACT ASSESSMENT:

High

Discussion:

A remote user can send a specially crafted IPv4 packet to cause the target Shared Port Adapters (SPA) Interface Processor to reload.

Cisco IOS XR Software, which is part of the Cisco IOS Software family, uses a microkernel-based distributed operating system infrastructure. Cisco IOS XR Software runs on the Cisco CRS, Cisco 12000 Series Routers, and Cisco ASR 9000 Series Aggregation Services Routers. This vulnerability only affects the SPA interface processors on the Cisco 12000 Series Routers that are running affected versions of Cisco IOS XR Software.
The vulnerability affects any device that is running affected releases of Cisco IOS XR Software and has an IPv4 address configured on any of the SPA interface processor interfaces.
When the SPA interface processor receives specific IPv4 packets destined for either a network or a network broadcast address of a configured interface, it will reload and produce an error message that is similar to what is shown in the example that follows. Transit traffic through the device does not trigger this vulnerability.

Impact:

Successful exploitation of the vulnerability may result in a reloading of the SPA interface processor. Repeated exploitation could result in a sustained denial of service (DoS) condition.

Solution:

Cisco has released free software updates that address this vulnerability. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.

Cisco IOS Software Checker
Cisco Security Advisories
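To scope which routers need the update, the three exposure conditions stated above (affected release, Engine 5 SIP installed, IPv4 address on a SPA interface) can be checked against an inventory. The following is an added example, not part of the original bulletin or Cisco's advisory; the record layout, hostnames and addresses are constructed, and skipping /31 and /32 prefixes is an assumption of this example.

```python
import ipaddress

# Values taken from the PLATFORM section of this bulletin.
AFFECTED_RELEASES = {"3.9.0", "3.9.1", "3.9.2", "4.0.0", "4.0.1", "4.0.2", "4.1.0"}
ENGINE5_SIPS = {"SIP-600", "SIP-601", "SIP-501", "SIP-401"}


def watch_addresses(cidr):
    """Network and broadcast address of one IPv4 interface, as strings."""
    net = ipaddress.ip_interface(cidr).network
    if net.prefixlen >= 31:  # assumption: /31 and /32 have no such addresses
        return []
    return [str(net.network_address), str(net.broadcast_address)]


def triage(device):
    """Return (exposed, reasons, addresses_to_watch) for one inventory record."""
    reasons = []
    if device["release"] not in AFFECTED_RELEASES:
        reasons.append("release %s not in affected list" % device["release"])
    sips = ENGINE5_SIPS & {c.upper() for c in device["line_cards"]}
    if not sips:
        reasons.append("no Engine 5 SIP installed")
    v4 = [a for a in device["spa_addresses"]
          if ipaddress.ip_interface(a).version == 4]
    if not v4:
        reasons.append("no IPv4 address on a SPA interface")
    if reasons:
        return False, reasons, []
    # Destinations the Discussion section names; useful for detection rules.
    watch = sorted({w for a in v4 for w in watch_addresses(a)},
                   key=ipaddress.ip_address)
    return True, ["%s on %s" % (", ".join(sorted(sips)), device["release"])], watch


# Constructed inventory records (documentation address ranges, made-up hosts).
INVENTORY = [
    {"host": "edge-1", "release": "4.0.1", "line_cards": ["SIP-601"],
     "spa_addresses": ["192.0.2.1/30", "2001:db8::1/64"]},
    {"host": "edge-2", "release": "4.1.1", "line_cards": ["SIP-601"],
     "spa_addresses": ["198.51.100.1/24"]},
    {"host": "edge-3", "release": "3.9.2", "line_cards": ["SIP-401"],
     "spa_addresses": ["2001:db8:1::1/64"]},
]

if __name__ == "__main__":
    for dev in INVENTORY:
        exposed, why, watch = triage(dev)
        print(dev["host"], "EXPOSED" if exposed else "ok", "; ".join(why), watch)
```

A release that is absent from the affected list is reported only as not listed; confirm fixed versions against Cisco's Software Versions and Fixes table before closing a record.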
 
