Cisco: CISCO-SA-20130813-CVE-2013-3464
Aug 13, 2013 - 1:47 p.m.

Cisco IOS XR Internet Control Message Protocol Denial of Service Vulnerability

2013-08-13 13:47:22
tools.cisco.com

CVSS2: 4.6
Attack Vector: LOCAL
Attack Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE
AV:L/AC:L/Au:S/C:N/I:N/A:C

EPSS: 0
Percentile: 5.1%

Cisco IOS XR Software is affected by a denial of service (DoS) vulnerability that could allow an authenticated, local attacker to trigger a reload of the affected device by locally generating certain Internet Control Message Protocol (ICMP) messages.

The vulnerability is due to a combination of Silicon Packet Processor (SPP) buffer corruption and a mutex issue when an extended ping with timeout=0 and a large packet size is terminated with Control-C. An attacker could exploit this vulnerability by sending large ICMP packets from an affected device.

Cisco has confirmed this vulnerability in a security notice; however, software updates are not available.

To exploit this vulnerability, the attacker would need to authenticate locally to the targeted system. This access requirement decreases the likelihood of a successful exploit.

Affected configurations

Vendor: cisco
Product: ios_xr_software
Version: any
CPE: cpe:2.3:o:cisco:ios_xr_software:any:*:*:*:*:*:*:*
