A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial of service (DoS) condition.

The vulnerability is due to insufficient error handling when the BFD header in a BFD packet is incomplete.

An attacker could exploit this vulnerability by sending a crafted BFD message to or across an affected switch.

A successful exploit could allow the attacker to trigger a reload of the system.
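
The root cause named above is missing error handling for an incomplete BFD header. As an added example (not Cisco's code and not the content of the fix), this C parser applies the RFC 5880 reception checks so that a short or inconsistent packet is dropped before any field is trusted; `bfd_parse`, `check_sample` and the sample packet are constructed for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* RFC 5880: the mandatory section is 24 bytes; an auth section adds at least 2. */
#define BFD_MIN_LEN 24
#define BFD_MIN_LEN_AUTH 26

enum bfd_verdict { BFD_OK = 0, BFD_TRUNCATED, BFD_BAD_VERSION, BFD_BAD_LENGTH, BFD_BAD_FIELD };

struct bfd_hdr { uint8_t version, state, flags, detect_mult, length; uint32_t my_disc; };

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* buf/len are the UDP payload bytes actually received; nothing is read past len. */
enum bfd_verdict bfd_parse(const uint8_t *buf, size_t len, struct bfd_hdr *out) {
    if (buf == NULL || out == NULL || len < BFD_MIN_LEN)
        return BFD_TRUNCATED;              /* incomplete header: drop, never dereference */
    out->version = buf[0] >> 5;
    out->state = buf[1] >> 6;
    out->flags = buf[1] & 0x3f;            /* P F C A D M */
    out->detect_mult = buf[2];
    out->length = buf[3];
    if (out->version != 1)
        return BFD_BAD_VERSION;
    size_t min = (out->flags & 0x04) ? BFD_MIN_LEN_AUTH : BFD_MIN_LEN;   /* A bit set */
    if (out->length < min || out->length > len)
        return BFD_BAD_LENGTH;             /* Length field disagrees with received bytes */
    out->my_disc = be32(buf + 4);
    if (out->detect_mult == 0 || (out->flags & 0x01) || out->my_disc == 0)
        return BFD_BAD_FIELD;              /* zero Detect Mult, M bit set, zero discriminator */
    return BFD_OK;
}

/* Constructed sample: version 1, state Up, Detect Mult 3, Length 24, My Discriminator 1. */
static const uint8_t sample_pkt[24] = {
    0x20, 0xC0, 0x03, 0x18, 0, 0, 0, 1, 0, 0, 0, 0,
    0x00, 0x0F, 0x42, 0x40, 0x00, 0x0F, 0x42, 0x40, 0, 0, 0, 0 };

/* Hypothetical helper: parse the first `received` bytes with the Length field overridden. */
enum bfd_verdict check_sample(size_t received, uint8_t length_field) {
    uint8_t pkt[sizeof sample_pkt];
    struct bfd_hdr h;
    memcpy(pkt, sample_pkt, sizeof pkt);
    pkt[3] = length_field;
    return bfd_parse(pkt, received, &h);
}
```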

Cisco has released software updates that address this vulnerability.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-bfd
This advisory is part of the March 28, 2018, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 20 Cisco Security Advisories that describe 22 vulnerabilities.

For a complete list of the advisories and links to them, see Cisco Event Response: March 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication.

Security Impact Rating: High

CVE: CVE-2018-0155
