CVE-2013-3464

Name of the Vulnerable Software and Affected Versions Cisco IOS XR Software (affected versions not specified)

Description The issue allows local users to cause a denial of service by starting an outbound flood of large ICMP Echo Request packets and stopping this with a CTRL-C sequence. This is due to a combination of Silicon Packet Processor buffer corruption and a mutex issue when an extended ping with timeout=0 and a large packet size is terminated with Control-C. An attacker could exploit this by sending large ICMP packets from the affected device, but would need to authenticate locally to the targeted system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.