CVE-2015-0618

Name of the Vulnerable Software and Affected Versions Cisco IOS XR versions 5.0.1 through 5.2.1 on Network Convergence System (NCS) 6000 devices Cisco IOS XR versions 5.1.3 through 5.1.4 on Carrier Routing System X (CRS-X) devices

Description The issue allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers. This is due to improper processing of malformed IPv6 packets carrying extension headers. An attacker could exploit this by sending a malformed IPv6 packet, carrying extension headers, through an affected Cisco IOS XR device line card, allowing the attacker to cause a reload of the line card on the affected Cisco IOS XR device.

Recommendations For Cisco IOS XR versions 5.0.1 through 5.2.1 on Network Convergence System (NCS) 6000 devices, update to a fixed software version. For Cisco IOS XR versions 5.1.3 through 5.1.4 on Carrier Routing System X (CRS-X) devices, update to a fixed software version. As a temporary workaround, consider restricting the processing of IPv6 packets with extension headers until a patch is available.