A vulnerability in the IPv6 neighbor discovery (ND) handling of Cisco IOS XE Software on ASR platforms could allow an unauthenticated, adjacent attacker to cause an affected device to crash.

The vulnerability is due to insufficient bounds on internal tables. An attacker could exploit this vulnerability by flooding an adjacent IOS XE device with specific ND messages. An exploit could allow the attacker to deplete the available memory, possibly causing an affected device to crash.

Cisco has released software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151214-ios

Leave a Reply