Launching soon: The world's first vendor agnostic bug scrubLearn more & join waitlist
OPERATIONAL DEFECT DATABASE
...
...
A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the _dhcpd_ process. While the _dhcpd_ process is restarting, which may take up to approximately two minutes, DHCPv4 server services are unavailable on the affected device. This could temporarily prevent network access to clients that join the network during that time period. Note: Only the _dhcpd_ _process crashes and eventually restarts automatically. The router does not reload._ _Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability._ _This advisory is available at the following link:_ _https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLU_
At the time of publication, this vulnerability affected the following Cisco products if they were running Cisco IOS XR Software releases 6.7.2, 7.1.2, or 7.2.1 and later and earlier than Release 7.3.2 or earlier than Release 7.4.1 and had the DHCPv4 server feature or the DHCPv4 proxy feature enabled: * ASR 9000 Series Aggregation Services Routers * IOS XRv 9000 Routers * Network Convergence System (NCS) 540 Series Routers * NCS 560 Series Routers * NCS 5000 Series Routers * NCS 5500 Series Routers At the time of publication, the following Cisco IOS XR Software releases contained the fix for this vulnerability: * 7.3.2 and later * 7.4.1 and later At the time of publication, Cisco had released the following SMU to address this vulnerability: * asr9k-x64-7.1.3.CSCvw95930 for ASR9K-X64 running IOS XR 7.1.3
Please refer to the Security Advisory.
Please refer to the Security Advisory. *PSIRT Evaluation:* The Cisco PSIRT has assigned this bug the following CVSS version 3 score. The Base CVSS score as of the time of evaluation is 5.8: https://tools.cisco.com/security/center/cvssCalculator.x?vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L CVE ID CVE-2021-34737 has been assigned to document this issue. Information about Fixed, Vulnerable, and Nonvulnerable releases--as well as information about fixed release availability--is not maintained by Cisco PSIRT. Please refer to the appropriate fields in this bug. If you require additional help to obtain this information, please open a support case with your support organization. Additional information on Cisco's security vulnerability policy can be found at the following URL: https://tools.cisco.com/security/center/resources/security_vulnerability_policy.html