Memory leak in Cisco IOS XR - CVE-2016-6355
Published: August 11, 2016
Vulnerability identifier: #VU301
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2016-6355
CWE-ID: CWE-401
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco IOS XR
Cisco IOS XR
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service attack.
The vulnerability exists due to an error in driver processing functions of Cisco IOS XR Software for Cisco ASR 9001 Aggregation Services Routers. A remote unauthenticated attacker can send specially crafted fragmented IPv4 or IPv6 packets to unicast address of vulnerable device and cause memory leak on the route processor (RP).The packets can be send to arbitrary address of the affected device.
Successful exploitation of this vulnerability will result in denial of service of the vulnerable device.
How to mitigate CVE-2016-6355
This vulnerability is fixed in Cisco IOS XR Software Release 5.3.3 for Cisco ASR 9001 Aggregation Services Routers.
This vulnerability has also been corrected in the following Software Maintenance Updates (SMUs) for Cisco IOS XR Software:
This vulnerability has also been corrected in the following Software Maintenance Updates (SMUs) for Cisco IOS XR Software:
- asr9k-px-5.3.2.CSCux26791.pie for Releases 5.3.x
- asr9k-px-5.2.4.CSCux26791.pie for Releases 5.2.x
- asr9k-px-5.1.3.CSCux26791.pie for Releases 5.1.x