Symptom
A vulnerability in the packet-processing code of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers (ASR) could allow an adjacent attacker to cause a Network Processing Unit (NPU) chip reset and potentially a reload of the affected line card that is processing traffic. Only Lightspeed line cards are affected by this vulnerability.
The vulnerability is due to improper processing of specially crafted UDP packets. An attacker could exploit this vulnerability by sending crafted UDP packets to the targeted device. An exploit could allow the attacker to cause an NPU chip reset and potentially a reload of the affected line card.
This vulnerability only affects Cisco ASR 9000 Series Routers with Lightspeed-based line cards running Cisco IOS XR Software Release 6.5.2.
Conditions
Product running with the default configuration.
Further Problem Description
This vulnerability only affects Cisco ASR 9000 Series Routers with Lightspeed-based line cards running Cisco IOS XR Software Release 6.5.2.
PSIRT Evaluation
The Cisco PSIRT has assigned this bug the following CVSS version 3 score. The Base CVSS score as of the time of evaluation is 7.4:
https://tools.cisco.com/security/center/cvssCalculator.x?version=3.0&vector=CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
No CVE ID has been assigned to this issue.
Additional information on Cisco''s security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
