CVE-2014-2176

Name of the Vulnerable Software and Affected Versions Cisco IOS XR versions 4.1.2 through 5.1.1

Description A vulnerability in the parsing of malformed Internet Protocol version 6 (IPv6) packets could allow an unauthenticated, remote attacker to cause a lockup and eventual reload of a Network Processor (NP) chip and a line card processing traffic. The issue is due to insufficient logic in parsing malformed IPv6 packets. An attacker could exploit this by sending a stream of malformed IPv6 packets to the affected device, leading to a denial of service (DoS) condition.

Recommendations For Cisco IOS XR versions 4.1.2 through 5.1.1, update to a fixed software version to address this vulnerability.