[AusNOG] Cisco Security Advisory: Cisco IOS Software Virtual Routing and Forwarding ICMP Queue Wedge Vulnerability

Cisco Systems Product Security Incident Response Team psirt at cisco.com
Thu Mar 26 03:04:07 EST 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco IOS Software Virtual Routing and Forwarding ICMP Queue Wedge Vulnerability

Advisory ID: cisco-sa-20150325-wedge

Revision 1.0

For Public Release 2015 March 25 16:00  UTC (GMT)

Summary
=======

A vulnerability within the virtual routing and forwarding (VRF) subsystem of Cisco IOS software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerability is due to a failure to properly process malicious ICMP version 4 (ICMPv4) messages received on a VRF-enabled interface. An attacker could exploit this vulnerability by submitting ICMPv4 messages designed to trigger the vulnerability on an affected device. When the ICMPv4 messages are processed, the packet queue of the affected interface may not be cleared, leading to a queue wedge. When a wedge occurs, the affected device will stop processing any additional packets received on the wedged interface.

Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedge

Note: The March 25, 2015, Cisco IOS & XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS & XE Software Security Advisory Bundled Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJVEg3FAAoJEIpI1I6i1Mx3DKAQAKh0z1Us2roV3ahSr8fiIDVW
/veWzUDTFiGdlGS4xWExyHL92srs+DoT3wRDwX1UqvmkdRUTfQPGIQl1LAyWujMA
TkP6xhTBRTYVtQVQVb4Ubya966QlykNs4jEcmlcep/mGWddLDfF0cOpqDAREAc+Y
A8FBn946o3m1Ds/zTkRtvuwc2MOEOglZS6A7fc0a/iDCsnD/FaBlaxHjukgt6xbY
OShTjGzJZ7IMsbBizCvlVRYiogCED3EGJ4unM+LvjMRSX2JOu1t5CUJmcXmWIP3u
KDQQRB/flmhIUkcaBOMxn4FdBc6ISVLRGPLFSyYJBxz3YE05JqER9QPdK+c2wjKl
uyVjCa9Iljuxoqn4TYYFR1X5Gxzt3YZgNJIhy6DTZP6O0OI4U4OaJsiBNDrs3ZMo
C9Khl63TlzPG0NfbKXaiPc/2ZakUqty1sKkrFagQ1NcyyzRMJL13uhRIm6G8PPhB
Kh1K2GBqGuligoHLVSC0r2NR015iTNobmV+54RCb0RuU+LKl2XFQKYWc3UmNRuQG
36Kf5cZT0gJrF4rryaeCfaSA/LkQsBxEUaMci/APLSR/+qGADTR7EHfIW5kkFlZ7
t/Xi7LON6q3KVBavi3Lo1P+wYV9iNHqy1aeRzAGdC4+FKe0rCdU5cgMZrO1Oc+r6
POD7hEJjIhAb4hRZTjqN
=qckG
-----END PGP SIGNATURE-----


More information about the AusNOG mailing list