Race condition

2024-03-1317:15:00

PRIOn knowledge base

www.prio-n.com

layer 2 ethernet

cisco ios xr software

unauthenticated attacker

adjacent attacker

line card network processor

denial of service (dos)

incorrect handling

specific ethernet frames

ingress interface

loss of traffic

network processor reset

vulnerability

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

A vulnerability in the Layer 2 Ethernet services of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the line card network processor to reset, resulting in a denial of service (DoS) condition.

This vulnerability is due to the incorrect handling of specific Ethernet frames that are received on line cards that have the Layer 2 services feature enabled. An attacker could exploit this vulnerability by sending specific Ethernet frames through an affected device. A successful exploit could allow the attacker to cause the ingress interface network processor to reset, resulting in a loss of traffic over the interfaces that are supported by the network processor. Multiple resets of the network processor would cause the line card to reset, resulting in a DoS condition.