CVE-2018-0165

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software versions 3.x.x.E through 16.x

Description: A vulnerability in the Internet Group Management Protocol (IGMP) packet-processing functionality could allow an unauthenticated, adjacent attacker to exhaust buffers on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software insufficiently processing IGMP Membership Query packets that are sent to an affected device. An attacker could exploit this vulnerability by sending a large number of IGMP Membership Query packets, which contain certain values, to an affected device. A successful exploit could allow the attacker to exhaust buffers on the affected device, resulting in a DoS condition that requires the device to be reloaded manually.

Recommendations: For Cisco IOS XE Software versions 3.x.x.E through 16.x, update to a fixed software release, as Cisco has released software updates that address this vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability for other versions.