CVE-2013-5549

Name of the Vulnerable Software and Affected Versions Cisco IOS XR versions 3.8.1 through 4.2.0 Cisco IOS XR Software Releases 3.3.0 to 4.2.0

Description The issue is related to the improper processing of fragmented packets within certain route-processor components, which can cause a denial of service (transmission outage) via IPv4 or IPv6 traffic. This is due to the improper handling of fragmented packets, which could result in the route processor being unable to transmit packets to the fabric.

Recommendations For versions 3.8.1 through 4.2.0, update to version 4.2.1 or later of Cisco IOS XR Software to address the vulnerability. For versions 3.3.0 to 4.2.0, install the Software Maintenance Upgrades (SMU) for Cisco bug ID CSCtz62593 to mitigate the issue.